8675a79c4a0bb3506aac268e60437cd1c76aa6525add06317876650399b8be90

General

Target

8675a79c4a0bb3506aac268e60437cd1c76aa6525add06317876650399b8be90
Size

50KB
MD5

cb498f6b2b89f17bde017fd60987ebc1
SHA1

5138b96859cc9adc2ec5493640eae4933cc26653
SHA256

8675a79c4a0bb3506aac268e60437cd1c76aa6525add06317876650399b8be90
SHA512

855f496d96f0b7c9841e755b61313937c1af71e67cefc21375f39486917e77b258ae2413037dc2090664058c13db60f69002ff7216692010a8f33badceeffdd9
SSDEEP

768:sNJaOfqoig1VwRPlWSR06JucKpSVci/QWq0oSQEdjW7dSM2uzC3ej:8JaOfEg1VgMS3j087ESlNqdSM2u

Score

N/A

Malware Config

Signatures

Files

8675a79c4a0bb3506aac268e60437cd1c76aa6525add06317876650399b8be90
.dll windows x86

cc1012eb51a244cbafbcf8bc08831e8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
GetLocalTime
lstrcpyA
GetSystemTimeAdjustment
lstrlenA
CreateFileMappingA
DecodePointer
MapViewOfFile
EncodePointer
CreateThread
HeapFree
HeapUnlock
HeapLock
InitializeCriticalSection
HeapAlloc
WaitForMultipleObjects
GetProcessHeaps
GetSystemTime
GetStringTypeA
RegisterWaitForSingleObject
GetModuleHandleA
GetThreadTimes
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
OpenThread
InterlockedExchangeAdd
UnmapViewOfFile
ExitThread

mpg4asn1

RealDriveType
SdbFindFirstNamedTag
ExtractIconA
ImmReSizeIMCC
ImmRegisterClient
OpenAs_RunDLLA
SdbReadDWORDTagRef
InternalExtractIconListA
SdbReadWORDTagRef
ImmGetContext
ExtractIconResInfoA
SdbGetTagFromTagID
CtfAImmDeactivate
ImmGetCompositionFontA
ImmDisableTextFrameService
CtfImmSetCiceroStartInThread
IsLFNDriveA
SdbGrabMatchingInfoEx
SdbReadQWORDTag
ImmIMPQueryIMEA
PathIsExe
Control_RunDLLA
ImmSetActiveContext
ShimFlushCache
CtfImmLastEnabledWndDestroy
ExtractIconEx
PathMakeUniqueName
ImmGetStatusWindowPos
SdbOpenApphelpDetailsDatabase
SdbQueryDataEx
ImmGetConversionStatus
ImmGetProperty
PickIconDlg
CtfImmRestoreToolbarWnd
ImmDestroySoftKeyboard

Exports

Exports

CreateProcessNotify
DllClientEntry

Sections

.text
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc1012eb51a244cbafbcf8bc08831e8c

Headers

File Characteristics

Imports

kernel32

mpg4asn1

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB