8f78d8927a9bbcf4865838961099cfea82c10df99aedee7265d5fd30c15673d9

Sharing

Copy URL

Twitter E-mail

General

Target

8f78d8927a9bbcf4865838961099cfea82c10df99aedee7265d5fd30c15673d9
Size

588KB
MD5

63e54d328f3c68088a6b40098d9ca1e0
SHA1

12d1c172e69f6881bc6844e36e108127021c34b4
SHA256

8f78d8927a9bbcf4865838961099cfea82c10df99aedee7265d5fd30c15673d9
SHA512

604f88687059fd8ada2511f73ce94faabbb038f93d26a0a0f6b4294041977ece86bdcaad2de462124587dc74fbfacb1cfc78867b4d2eb48b0f740a1466ea62f0
SSDEEP

12288:l/WQBiD/u+cgTYegtCT4bx7Mpgd/NzF/Vdu6jcqEXMDyI:l/fB4TT4zYyNzF9duBqgxI

Score

N/A

Malware Config

Signatures

Files

8f78d8927a9bbcf4865838961099cfea82c10df99aedee7265d5fd30c15673d9
.dll windows x86

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

kernel32

GetLastError
GlobalAlloc
GetCurrentThreadId
DeleteCriticalSection
GetModuleFileNameA
Sleep
GlobalFree
WriteFile
GetDateFormatA
SetThreadPriority
TlsGetValue
GetStartupInfoA
LeaveCriticalSection
GetTempPathA
FreeLibrary
VirtualFree
GetProcAddress
TlsAlloc
VirtualAlloc
CreateFileA
SetLastError
GetTickCount
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
InitializeCriticalSection
GlobalSize
EnterCriticalSection
GetCurrentThread

msvcrt

memset
atol
fread
memcpy
fopen
_ftol
free
sprintf
strncmp
fprintf
ftell
rand
ungetc
sscanf
realloc
_stricmp
bsearch
fflush
_CIpow
getenv
fgets
sqrt
calloc
floor
strcpy
qsort
_assert
printf
strtok
abort
memmove
strcmp
atof
memcmp
fclose
atoi
strstr
_iob
_filbuf
fseek
malloc
exit
fscanf
fwrite

gdi32

SelectObject
CreateSolidBrush
DeleteDC
CreateFontIndirectA
BitBlt
GetObjectType
DeleteObject
GetOutlineTextMetricsA
CreateCompatibleBitmap
DescribePixelFormat
CreateDIBSection
CreateCompatibleDC
GetGlyphOutlineA
GetRasterizerCaps
GetObjectA
SetDIBColorTable
GetPixelFormat
GetCurrentObject
GetPaletteEntries
GetDeviceCaps
ExtEscape

user32

GetDesktopWindow
UnhookWindowsHookEx
GetClientRect
GetWindowThreadProcessId
FillRect
GetParent
GetDC
wsprintfA
DestroyWindow
ClientToScreen
ReleaseDC
MessageBoxA
GetWindowRect
WindowFromDC

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

EnvironmentError
Module_GetFilename
SystemError
read_end
set_flush

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

Imports

ddraw

kernel32

msvcrt

gdi32

user32

advapi32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 208KB - Virtual size: 205KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 208KB - Virtual size: 205KB

.reloc
Size: 8KB - Virtual size: 7KB