872b5e3cd3b8fa434b2a8153a1ad8f1cd827614a177d7e6e8a76156c8d9177af

General

Target

872b5e3cd3b8fa434b2a8153a1ad8f1cd827614a177d7e6e8a76156c8d9177af
Size

212KB
MD5

ccc1373014f0092174a567f2a6ee9185
SHA1

f222e1583c5ca62a3839fd003889f0ce5ef255ab
SHA256

872b5e3cd3b8fa434b2a8153a1ad8f1cd827614a177d7e6e8a76156c8d9177af
SHA512

ecdfba9d03e01fafa6b7c9da4fdfbba5412fab620bdfdce62ad40b300e59e403a38a1314bd1ef083c8c3eacb241aaa36eab8fe5d804001883ac19897f05d1b20
SSDEEP

6144:Zo25esxDQRwYK4vvfoSDbaa0ndQghcGzzUG7lTqlY:+2YUDINnoSia0OgdUAG

Score

N/A

Malware Config

Signatures

Files

872b5e3cd3b8fa434b2a8153a1ad8f1cd827614a177d7e6e8a76156c8d9177af
.dll windows x86

cbd81052d6cdeecf09d3fe6c41741f41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
ExitProcess
FindClose
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentVariableA
GetModuleHandleA
GetStartupInfoA
GetStringTypeA
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsValidCodePage
LCMapStringA
LeaveCriticalSection
MapViewOfFile
MultiByteToWideChar
ReadFile
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
TlsFree
WriteFile
lstrcmpA
lstrlenA

user32

SetWindowTextA
SetWindowPos
ReleaseCapture
IntersectRect
GetWindowThreadProcessId
GetSystemMetrics
GetMenuItemCount
FindWindowExA
FindWindowA
EnumChildWindows
EnableWindow
DispatchMessageA
DefDlgProcA
DefFrameProcA

advapi32

RegisterServiceCtrlHandlerExW
QueryAllTracesA
LsaSetSecurityObject
LsaEnumerateTrustedDomainsEx
LsaEnumeratePrivilegesOfAccount
GetLocalManagedApplications
FreeSid
CryptContextAddRef

ddraw

GetDDSurfaceLocal
DirectDrawEnumerateExA
DirectDrawCreateClipper
DDInternalLock

ole32

CLSIDFromString
CoBuildVersion
CoCreateGuid
CoCreateInstance
CoFileTimeNow
CoGetMalloc
CoTaskMemAlloc
CoTaskMemFree

Exports

Exports

EnumBaseImageDataPropertyReset

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbd81052d6cdeecf09d3fe6c41741f41

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ddraw

ole32

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 64KB - Virtual size: 143KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 64KB - Virtual size: 143KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB