d4e32f2b0c311b6143cb850c022761bc19da47b17b476cbb80d77f7262903aae

Sharing

Copy URL Twitter E-mail

General

Target

d4e32f2b0c311b6143cb850c022761bc19da47b17b476cbb80d77f7262903aae
Size

359KB
MD5

730282476ae396d9985e31c27e68928b
SHA1

bb1384d0e9f5e227087a66b7f2e9860d23d16e9d
SHA256

d4e32f2b0c311b6143cb850c022761bc19da47b17b476cbb80d77f7262903aae
SHA512

98239cbfb30ecd0b8ab9dfe881429f671254da8a5e6e6197a8dcc851cef8c867ec73620976f000f5fb64198d94862626eb61daf0b56b608ff1f28eeaedde35f3
SSDEEP

6144:+GNU0sQCTNbhaikpRi0LovUd+7f67UE5pr/R8c2U/QQdnIR2NX06U+pCdW7NtX3:q0pahaikni+oU+z67UE5prWIo4CZSXB

Score

N/A

Malware Config

Signatures

Files

d4e32f2b0c311b6143cb850c022761bc19da47b17b476cbb80d77f7262903aae
.dll windows x86

7614cd90667ca207daa2cced681ab99a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wctomb
wcsstr
wcsrchr
wcsncpy
wcsncmp
wcschr
tolower
time
swprintf
strtoul
strstr
strrchr
strncmp
strchr
sprintf
realloc
rand
printf
memset
memcpy
mbtowc
malloc
localeconv
isxdigit
iswprint
iswctype
isupper
isspace
isleadbyte
isdigit
isalpha
gmtime
free
fprintf
fopen
ferror
fclose
clock
calloc
atoi
_wcsicmp
_unlock
_strtime
_strrev
_strnicmp
_strlwr
_stricmp
_snprintf
_read
_purecall
_lseeki64
_lsearch
_lock
_itoa
_ismbblead
_isatty
_iob
_initterm
_fileno
__badioinfo
__dllonexit
__mb_cur_max
__pioinfo
_errno
_atoi64
_amsg_exit
_XcptFilter

dbghelp

SymInitialize
SymGetTypeInfo
SymFunctionTableAccess
SymFindFileInPath
SymEnumerateSymbolsW64
SymEnumSymbols
SymCleanup
ImageRvaToVa
FindExecutableImageEx

user32

DispatchMessageA
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
wsprintfW
TranslateMessage
SetWindowTextA
PeekMessageA
EnumWindows

kernel32

CreateFileMappingA
CreateFileA
CompareFileTime
HeapFree
lstrlenA
lstrcmpA
WriteFile
WideCharToMultiByte
WaitForMultipleObjectsEx
VirtualQuery
VirtualFreeEx
VirtualAllocEx
VirtualAlloc
UnregisterWaitEx
UnmapViewOfFile
TerminateProcess
SystemTimeToFileTime
SetNamedPipeHandleState
SetFilePointer
SetFileApisToANSI
SearchPathA
RtlUnwind
ReadFile
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
MapViewOfFile
LockResource
LockFileEx
LocalFree
LoadResource
LoadLibraryA
IsBadStringPtrA
InterlockedExchange
InterlockedCompareExchange
CreateTapePartition
HeapAlloc
GetVersionExW
GetVersionExA
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPriorityClass
GetModuleHandleA
GetLocalTime
GetLastError
GetFileSize
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCPInfo
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindClose
ExitProcess
CloseHandle

ole32

CoInitialize
CoCreateInstance
CoUninitialize

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegCloseKey

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

CreateWriterFileSink
DocLoadFile
DocStopFeedLoad
LoadLayer
mpegInFree

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7614cd90667ca207daa2cced681ab99a

Headers

File Characteristics

Imports

msvcrt

dbghelp

user32

kernel32

ole32

advapi32

version

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 170KB - Virtual size: 169KB

.data Size: 68KB - Virtual size: 71KB

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 170KB - Virtual size: 169KB

.data
Size: 68KB - Virtual size: 71KB

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 4KB - Virtual size: 3KB