813a662e78e739ecce16e92a01bd64a06cc86f7b47978b07cccc83a4049cd80f

Sharing

Copy URL Twitter E-mail

General

Target

813a662e78e739ecce16e92a01bd64a06cc86f7b47978b07cccc83a4049cd80f
Size

414KB
MD5

c39c0dc08f3a8eecfbe1841584316e16
SHA1

f1b14894c8e227b55d4e5e8aba840cb5305fad1f
SHA256

813a662e78e739ecce16e92a01bd64a06cc86f7b47978b07cccc83a4049cd80f
SHA512

2dda232824b20cb83255bad9f7ebc5e285309ec18d8be04c7135fd1b08be8ed1ead734d6663ec9c6a43adda1d137e240791ac89658d7308f0c7209d3a9d2296e
SSDEEP

12288:8cLFTXEbMv/Kllennw6kPtCAsPX8uwdtXSouS:JTXEbMKl0nw6kPs0uWMov

Score

N/A

Malware Config

Signatures

Files

813a662e78e739ecce16e92a01bd64a06cc86f7b47978b07cccc83a4049cd80f
.dll windows x86

335d4585879b59c4816c78a63834bcdf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetUserDefaultUILanguage
GetVersion
GlobalFree
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
OutputDebugStringA
GetSystemTimeAsFileTime
ReleaseMutex
RtlUnwind
SetThreadContext
SetThreadExecutionState
SetupComm
SizeofResource
TerminateProcess
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
GetProcessPriorityBoost
CloseHandle
GetProcessAffinityMask
GetModuleHandleA
GetMailslotInfo
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentConsoleFont
GetCommandLineA
GetCommConfig
FreeLibrary
FlushConsoleInputBuffer
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
CreateThread
CreateMutexA
CreateFileA
QueryPerformanceCounter

advapi32

LsaQuerySecurityObject
RegEnumKeyExA
RegQueryValueExA
CloseTrace

dinput

DirectInputCreateA

msvcrt

_j0
_msize
_stricmp
_unlock
_vsnprintf
_wfindfirsti64
floor
free
iswspace
qsort
sqrt
tan
tolower
wcscpy
_initterm
_finite
_atoi64
_amsg_exit
__p__winver
__RTDynamicCast
__CxxLongjmpUnwind
_XcptFilter
_Gettnames
_CxxThrowException
_CIsqrt
_CIcos
_CIatan
_CIacos

gdi32

GetObjectA
GetTextMetricsA
ExtTextOutA
SetBkMode
SetTextAlign
CreateFontIndirectW
ExtTextOutW
DeleteDC
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
GetTextMetricsW
CloseFigure

ole32

CreateStreamOnHGlobal

Exports

Exports

FromDoubles
HasAttrString
LocalsToFast
String_Type

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

335d4585879b59c4816c78a63834bcdf

Headers

File Characteristics

Imports

kernel32

advapi32

dinput

msvcrt

gdi32

ole32

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 243KB - Virtual size: 242KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 243KB - Virtual size: 242KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 5KB - Virtual size: 4KB