9256bb50088c03ee383ee8250e9887ccd8c638df1dab81553e8c894a58a1a622

Sharing

Copy URL

Twitter E-mail

General

Target

9256bb50088c03ee383ee8250e9887ccd8c638df1dab81553e8c894a58a1a622
Size

724KB
MD5

4381595133f89781e09f9f253cd0c680
SHA1

29e82c4a08a55b084e08a01c711f2354f8538617
SHA256

9256bb50088c03ee383ee8250e9887ccd8c638df1dab81553e8c894a58a1a622
SHA512

785c026f4102d564837557d11ad1adeab178ff25fecf6a5473902707d9ff2dcedee0d38bc23d75e79f57f24d845680aaca5647b3762622c7c65660e9a290edac
SSDEEP

12288:aT7JBmznQYkRcIiLyyrcRsix7mRHIpL5IPvchXGM+36Yw/4Xgr8KecVWtzKPdSJD:aT7JBmzn8cIiLyyrcKipmRHIpL5IPvca

Score

N/A

Malware Config

Signatures

Files

9256bb50088c03ee383ee8250e9887ccd8c638df1dab81553e8c894a58a1a622
.dll windows x86

e240f9d619f0694196898df850bfdb72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetFileSize
CreateFileA
GetTempPathA
GetLocaleInfoA
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemInfo
GetVersion
MultiByteToWideChar
MapViewOfFile
CreateFileMappingA
GetTempFileNameA
CreateProcessA
WideCharToMultiByte
GetNumberFormatA
SetLocaleInfoA
SetErrorMode
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
ExitProcess
Sleep
lstrcatA
GetDateFormatA
GetTimeFormatA
IsDBCSLeadByte
CreateThread
CloseHandle
GetCurrentThreadId
SetThreadExecutionState
GetCurrentProcessId
GetEnvironmentVariableA
GetModuleFileNameA
UnmapViewOfFile
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetTickCount
lstrcmpiA
lstrcpynA
lstrlenA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
OutputDebugStringA
GetLastError
GetPrivateProfileStringA
lstrcmpA

user32

IsRectEmpty
SetWindowTextA
SetRect
OffsetRect
ClientToScreen
SetForegroundWindow
GetForegroundWindow
AttachThreadInput
EnableWindow
GetDC
ReleaseDC
GetWindowPlacement
CharPrevA
GetSystemMetrics
IsDialogMessageA
TranslateMessage
PostQuitMessage
GetSysColor
PeekMessageA
DispatchMessageA
PostMessageA
CharLowerA
SetWindowRgn
SendMessageA
CharNextA
SetFocus
GetWindowLongA
SetPropA
GetWindow
CallWindowProcA
RemovePropA
SetWindowLongA
IsChild
GetClassNameA
RedrawWindow
SetParent
SystemParametersInfoA
IntersectRect
MapWindowPoints
InvalidateRect
FindWindowExA
GetWindowThreadProcessId
GetParent
IsWindowEnabled
IsZoomed
ShowWindow
IsWindow
IsWindowVisible
GetActiveWindow
SetWindowPos
PtInRect
GetWindowRect
CreatePopupMenu
GetCursorPos
InsertMenuItemA
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemCount
GetMenuItemInfoA
GetClassInfoA
DefWindowProcA
RegisterClassA
CreateWindowExA
GetClientRect
DestroyWindow
IsIconic

advapi32

RegDeleteKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegCloseKey
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA

gdi32

DeleteDC
SelectObject
CreateCompatibleDC
DeleteObject
CreateSolidBrush
CombineRgn
ExtCreateRegion
GetDeviceCaps
GetDCOrgEx
GetClipBox
GetTextFaceA
GetStockObject
CreateDCA
SetBkColor
SetTextColor
GetTextExtentPoint32A

msvcr71

_stricmp
_vsnprintf
strcspn
_ismbcspace
realloc
malloc
calloc
fseek
ftell
fread
localtime
strftime
_atoi64
remove
strncmp
fopen
_write
fwrite
fclose
_splitpath
strstr
clock
__CxxFrameHandler
memmove
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
strrchr
strtol
strncpy
printf
_mbctype
_getmbcp
_errno
_fstat
_chsize
_lseeki64
_telli64
_stat
sscanf
tolower
_unlink
_except_handler3
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
isdigit
strtod
_snprintf
_itoa
_strnicmp
_strcmpi
_putenv
_close
_creat
_open
_sopen
_lseek
_tell
_read
__security_error_handler
?terminate@@YAXXZ
_strdup
strtok
isspace
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
atoi
sprintf
??_U@YAPAXI@Z
??_V@YAXPAX@Z
atof
time
atol
free
strchr

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 412KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e240f9d619f0694196898df850bfdb72

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcr71

msvcp71

Exports

Exports

Sections

.text Size: 412KB - Virtual size: 410KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 36KB - Virtual size: 34KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 412KB - Virtual size: 410KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 36KB - Virtual size: 34KB

.text
Size: 196KB - Virtual size: 196KB