3255f4c62a40359c53798975668c0ce5ab7b6b741a7a604883c29d3a99a16931

Sharing

Copy URL Twitter E-mail

General

Target

3255f4c62a40359c53798975668c0ce5ab7b6b741a7a604883c29d3a99a16931
Size

334KB
MD5

c310f24d9993f857f2f2541a814d65ee
SHA1

3da953a496fc359c5c66381e82cb8694c3507502
SHA256

3255f4c62a40359c53798975668c0ce5ab7b6b741a7a604883c29d3a99a16931
SHA512

0a5668513436d1c324064ee629788a921578e1b6ba97d29a1466cc4cfc6559a2d56906bd80e9a8112a95f3a2b07b59c1a64fcd5e8d9a764b02e1386ab0a69fdd
SSDEEP

6144:RoNDFAWcBx9r9X9REsE80TRblwoe53x1NM73gtTEb/r/S+J1A5H3jctoOf7puSND:RZWOJXHEsY5UNIwtTEb/bt1A5H3jct9L

Score

N/A

Malware Config

Signatures

Files

3255f4c62a40359c53798975668c0ce5ab7b6b741a7a604883c29d3a99a16931
.dll windows x86

f48a0bce849c519c49bd35c4938e5a10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellHookProc
SHLoadNonloadedIconOverlayIdentifiers
SHGetMalloc
ExtractIconA
DuplicateIcon

rpcrt4

RpcBindingVectorFree
NdrUserMarshalBufferSize
NdrPointerFree

msi

ord35
ord52
ord141
ord158

kernel32

GetTimeZoneInformation
WaitForMultipleObjectsEx
VirtualProtect
VirtualFree
VirtualAlloc
SizeofResource
SetPriorityClass
QueryPerformanceCounter
PurgeComm
ProcessIdToSessionId
lstrlenA
lstrcpynA
lstrcmpiA
lstrcmpA
CancelDeviceWakeupRequest
CancelWaitableTimer
CreateTimerQueue
DeleteTimerQueueTimer
DisableThreadLibraryCalls
ExitProcess
FindResourceA
FlushInstructionCache
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTickCount
Module32First
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
WideCharToMultiByte

wininet

ShowCertificate
InternetQueryFortezzaStatus

Exports

Exports

ColorAdjustSaturation
CreateEffectPool
CreateSkinInfoFromBlendedMesh
CreateTextW
CreateTextureFromFileW
DebugMute
GetRTFOptions
MatrixOrthoOffCenterRH
MatrixTranspose
QuaternionNormalize
TessellateRectPatch
mpegInGetNextFrameTS
mpegInOpenExisting

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f48a0bce849c519c49bd35c4938e5a10

Headers

File Characteristics

Imports

shell32

rpcrt4

msi

kernel32

wininet

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 156KB - Virtual size: 156KB

.data Size: 63KB - Virtual size: 63KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 156KB - Virtual size: 156KB

.data
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 2KB - Virtual size: 2KB