ffce6baf9db8793c3b4487894da7a118128def77ee3191e3cecf6d47914f26ea

General

Target

ffce6baf9db8793c3b4487894da7a118128def77ee3191e3cecf6d47914f26ea
Size

325KB
MD5

2431ac38a1f26d4863a9bbd2ee94146f
SHA1

e6bfedd09248b34c84d13b4db01559be0dfb3028
SHA256

ffce6baf9db8793c3b4487894da7a118128def77ee3191e3cecf6d47914f26ea
SHA512

783dd0df0fa0191e6e21bb23d5567e7b5423994656594f16e9b948c8e1532bb40a3cbf0209f8f0f5171485ded789859ee14d030492cbe5a7b65ebcf46a62f7f1
SSDEEP

6144:dX7QyaCdwVn1Srq7srpdDapV7XJ7UTKgsLpUYLAAwXX0pY1FA7VbDOVrVV+4qx:drbwV6q7wiV7FUTKg0OYLAAEX0pyABPT

Score

N/A

Malware Config

Signatures

Files

ffce6baf9db8793c3b4487894da7a118128def77ee3191e3cecf6d47914f26ea
.dll windows x86

cce8e32724b97d21f76e1b4195d60adf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

LdrVerifyImageMatchesChecksum

imm32

ImmUnlockIMCC
ImmSimulateHotKey
ImmSetStatusWindowPos
ImmSetOpenStatus
ImmGetOpenStatus
ImmIsIME

shell32

RegenerateUserEnvironment
FreeIconList
DuplicateIcon
DragQueryPoint
DragAcceptFiles

kernel32

SizeofResource
VirtualAlloc
VirtualFree
VirtualProtect
WriteProcessMemory
lstrcmpA
lstrcpynA
lstrlenA
SetThreadPriorityBoost
SetPriorityClass
RegisterWaitForSingleObjectEx
QueryPerformanceCounter
ProcessIdToSessionId
MulDiv
CancelDeviceWakeupRequest
CancelTimerQueueTimer
ExitProcess
FindResourceA
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetHandleInformation
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcessHeap
GetProcessPriorityBoost
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetTapeParameters
GetTickCount
GetVersionExA
GlobalAlloc
GlobalHandle
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LoadLibraryA
LoadResource
Module32First
Module32NextW

Exports

Exports

CreateMarkers
CreatePolygon
MatrixRotationZ
mpegInSeekSample

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce8e32724b97d21f76e1b4195d60adf

Headers

File Characteristics

Imports

ntdll

imm32

shell32

kernel32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 138KB - Virtual size: 137KB

.data Size: 67KB - Virtual size: 67KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 138KB - Virtual size: 137KB

.data
Size: 67KB - Virtual size: 67KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 3KB - Virtual size: 2KB