e913e1831cdfceaaec859fde4bab302cdc79f9a39cacad251385b6868f5a84c0

Sharing

Copy URL Twitter E-mail

General

Target

e913e1831cdfceaaec859fde4bab302cdc79f9a39cacad251385b6868f5a84c0
Size

399KB
MD5

afa06d70ef0edb6d5d21d32485cd9a48
SHA1

70ebdaf69da3003932b5f72a94480c924520cc00
SHA256

e913e1831cdfceaaec859fde4bab302cdc79f9a39cacad251385b6868f5a84c0
SHA512

f1b5644bd1ba5ea43b95a9e3bd537196a4b43e44c03c8b9a20233112f376b88f4bd4b27078cc9a023d741424b8784c8d49fa7b520fbc2979c7879a4538ea9971
SSDEEP

12288:ETTjow5/xrwG03cIsVjnQm7blGuIpoIaY:ETTjow5prs3DsVjJXdXI7

Score

N/A

Malware Config

Signatures

Files

e913e1831cdfceaaec859fde4bab302cdc79f9a39cacad251385b6868f5a84c0
.dll windows x86

3c4ec7d012fbd116f20a3c667868bea3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegQueryValueExA
RemoveTraceCallback
RegCloseKey

gdi32

CloseFigure
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
CreateFontIndirectW
DeleteDC
DeleteObject
ExtTextOutA
ExtTextOutW
GetFontLanguageInfo
GetGlyphOutlineA
GetObjectA
GetTextMetricsA
GetTextMetricsW
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextAlign

msvcrt

_isnan
_CIacos
tolower
qsort
memcpy
malloc
iswspace
iswpunct
iswprint
iswalpha
free
floor
_vsnprintf
_unlock
_stricmp
_j0
memmove
_initterm
_finite
_controlfp
_atoi64
_amsg_exit
__p__winver
__dllonexit
_XcptFilter
_Strftime
_CxxThrowException
_CIsqrt
_CIsin
_CIcos
_CIatan
_CIasin

ole32

CreateStreamOnHGlobal

kernel32

WriteTapemark
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualAlloc
UnhandledExceptionFilter
TryEnterCriticalSection
TerminateProcess
SizeofResource
SetThreadContext
RtlUnwind
ReleaseMutex
ReadFile
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessAffinityMask
GetModuleHandleA
GetModuleFileNameA
GetMailslotInfo
GetLastError
GetFullPathNameW
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FreeLibrary
GetCommProperties
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId

Exports

Exports

LoadVolumeFromVolume
MatrixDecompose
SHDot
SHEvalSphericalLight
SchemaIsClassAContainer

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c4ec7d012fbd116f20a3c667868bea3

Headers

File Characteristics

Imports

advapi32

gdi32

msvcrt

ole32

kernel32

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 174KB - Virtual size: 173KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 70KB - Virtual size: 69KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 174KB - Virtual size: 173KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 70KB - Virtual size: 69KB

.reloc
Size: 4KB - Virtual size: 4KB