ecd9af9ec64d86909a6c7cfb415beb393aee9ae5e0ab9bb4b249ac358257cc94

Sharing

Copy URL Twitter E-mail

General

Target

ecd9af9ec64d86909a6c7cfb415beb393aee9ae5e0ab9bb4b249ac358257cc94
Size

427KB
MD5

14505e6577f4fb3ae6c890bdaca3da65
SHA1

99e5655646358489f911844351b88db9876680c6
SHA256

ecd9af9ec64d86909a6c7cfb415beb393aee9ae5e0ab9bb4b249ac358257cc94
SHA512

b59758bd1d5fd6ab5cacc9b37535f7c496b0af09220ea539e7afa870f4dc4c63e496ce35c3f75beed5fa61abf5006c7397adbf6c9d9a5eec04adda00e174f8b2
SSDEEP

12288:Gqws/MYlH35Tx4ryJhmIGzF35oQBolmZ07+:0s/MS5t4ry6I2qzmQ+

Score

N/A

Malware Config

Signatures

Files

ecd9af9ec64d86909a6c7cfb415beb393aee9ae5e0ab9bb4b249ac358257cc94
.dll windows x86

7f21ad44f845fae25d0c0deed68b3f2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

tolower
strcat
qsort
putc
memset
memmove
memcpy
malloc
iswspace
iswpunct
iswdigit
iswalpha
free
asin
_wcsset
_vsnwprintf
_vsnprintf
_unlock
_stricmp
_onexit
_lock
_isnan
_initterm
_i64toa
_finite
_controlfp
_beep
_amsg_exit
__dllonexit
__CxxFrameHandler
_XcptFilter
_CxxThrowException
_CIsqrt
_CIsin
_CIcos
_CIatan2
_CIatan
_CIasin
_CIacos

kernel32

_llseek
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
WaitCommEvent
VirtualAlloc
UnhandledExceptionFilter
TransactNamedPipe
TerminateProcess
SizeofResource
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DebugBreak
DeleteAtom
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FindResourceA
FindResourceW
FlushViewOfFile
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFileSizeEx
GetFullPathNameW
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
GetVersion
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MapViewOfFileEx
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
RtlUnwind
SetFilePointerEx
GetProcessPriorityBoost

advapi32

LsaClearAuditLog
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

gdi32

SetBkColor
SelectObject
SelectClipPath
MoveToEx
GetTextMetricsW
GetTextMetricsA
GetObjectW
GetObjectA
GetGlyphOutlineA
SetBkMode
GetCharacterPlacementW
ExtTextOutW
ExtTextOutA
DeleteObject
DeleteDC
CreateFontIndirectW
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
SetMapMode
SetTextAlign
TranslateCharsetInfo
GetFontLanguageInfo

ole32

CreateStreamOnHGlobal

Exports

Exports

BufferData
GetEnumValue
GetListeneriv
GetSyntaxOfAttributeOnServer
InitBillBoard
Object
StopBillBoard

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f21ad44f845fae25d0c0deed68b3f2d

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

gdi32

ole32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 204KB - Virtual size: 203KB

.data Size: 69KB - Virtual size: 71KB

.rsrc Size: 70KB - Virtual size: 69KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 204KB - Virtual size: 203KB

.data
Size: 69KB - Virtual size: 71KB

.rsrc
Size: 70KB - Virtual size: 69KB

.reloc
Size: 4KB - Virtual size: 4KB