d4fed67ba5da5f1cf24b36021bea50ea82421812dce6bcc8f1a5afab3c5bd9d7

Sharing

Copy URL Twitter E-mail

General

Target

d4fed67ba5da5f1cf24b36021bea50ea82421812dce6bcc8f1a5afab3c5bd9d7
Size

406KB
MD5

ae0ee85108570ec7ab48f66979e2c205
SHA1

6517a29314fd9e3eaecad04c2ffeb57887ca5a32
SHA256

d4fed67ba5da5f1cf24b36021bea50ea82421812dce6bcc8f1a5afab3c5bd9d7
SHA512

416857ef99cdcf6b6cd1bb8120149c0a36b232802d6b168e637439be0edd1c2130b620f1c0acd6987d7a1da71d07c07f3dccf84c31e996ca3cca1ada3068ee6a
SSDEEP

12288:JT1CujoTnRceFw37qpn3OuFbKB9Kk4zkXYgfQRrs:Jx+rRcGw3WpnxFeB9KfOY9r

Score

N/A

Malware Config

Signatures

Files

d4fed67ba5da5f1cf24b36021bea50ea82421812dce6bcc8f1a5afab3c5bd9d7
.dll windows x86

7f21ad44f845fae25d0c0deed68b3f2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

tolower
strcat
qsort
putc
memset
memmove
memcpy
malloc
iswspace
iswpunct
iswdigit
iswalpha
free
asin
_wcsset
_vsnwprintf
_vsnprintf
_unlock
_stricmp
_onexit
_lock
_isnan
_initterm
_i64toa
_finite
_controlfp
_beep
_amsg_exit
__dllonexit
__CxxFrameHandler
_XcptFilter
_CxxThrowException
_CIsqrt
_CIsin
_CIcos
_CIatan2
_CIatan
_CIasin
_CIacos

kernel32

_llseek
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
WaitCommEvent
VirtualAlloc
UnhandledExceptionFilter
TransactNamedPipe
TerminateProcess
SizeofResource
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DebugBreak
DeleteAtom
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FindResourceA
FindResourceW
FlushViewOfFile
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFileSizeEx
GetFullPathNameW
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
GetVersion
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MapViewOfFileEx
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
RtlUnwind
SetFilePointerEx
GetProcessPriorityBoost

advapi32

LsaClearAuditLog
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

gdi32

SetBkColor
SelectObject
SelectClipPath
MoveToEx
GetTextMetricsW
GetTextMetricsA
GetObjectW
GetObjectA
GetGlyphOutlineA
SetBkMode
GetCharacterPlacementW
ExtTextOutW
ExtTextOutA
DeleteObject
DeleteDC
CreateFontIndirectW
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
SetMapMode
SetTextAlign
TranslateCharsetInfo
GetFontLanguageInfo

ole32

CreateStreamOnHGlobal

Exports

Exports

AbandonSearch
ComputeTangentFrame
EnumClasses
LoadBitmapResize
SetMarkers
SetObjectAttributes
WriteClassDefinition

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f21ad44f845fae25d0c0deed68b3f2d

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

gdi32

ole32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 203KB - Virtual size: 202KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 51KB - Virtual size: 51KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 203KB - Virtual size: 202KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 4KB - Virtual size: 4KB