521f21bc5da679b833e0e0148e84ad3c7555a15563721b318b3fcc92ffc3c061

Sharing

Copy URL Twitter E-mail

General

Target

521f21bc5da679b833e0e0148e84ad3c7555a15563721b318b3fcc92ffc3c061
Size

316KB
MD5

f1a145e8f84f17de6f935c0b99caac50
SHA1

b2ca7db40fc4756568dd906952585186781edbc0
SHA256

521f21bc5da679b833e0e0148e84ad3c7555a15563721b318b3fcc92ffc3c061
SHA512

9a7a9232a1cc8c21b1141221a9433ff1a013455c0fec18129926495f5eeb88d725bf79794333226a560cb694ad82b57054e6f14b16e5fdf63b9ff2f39028ee36
SSDEEP

6144:k3u5ZBPQxWUGGVo/KRL5lg+QoJKvA++e0ld3/ukjEyD6F:kz4+oYHCiLRdPXgQ

Score

N/A

Malware Config

Signatures

Files

521f21bc5da679b833e0e0148e84ad3c7555a15563721b318b3fcc92ffc3c061
.dll windows x86

53f24f04e1607f04baa23c8b53c8f7fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

kernel32

GetModuleFileNameA
GlobalSize
LeaveCriticalSection
Sleep
GetProcAddress
TlsFree
DeleteCriticalSection
GetStartupInfoA
CreateFileA
GetCurrentThread
GlobalFree
TlsSetValue
SetLastError
OutputDebugStringA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GlobalAlloc
TlsAlloc
VirtualFree
TlsGetValue
SetThreadPriority
GetTickCount
GetLastError
GetVersionExA
EnterCriticalSection
GetTempPathA
WriteFile
GetDateFormatA
InitializeCriticalSection
GetCurrentThreadId
FreeLibrary

msvcrt

atol
ungetc
_CIpow
atoi
_stricmp
fopen
malloc
bsearch
atof
strncmp
strtok
strcpy
abort
rand
qsort
memmove
sscanf
strstr
_ftol
fwrite
getenv
printf
fread
sqrt
sprintf
fseek
exit
fgets
fprintf
memcpy
memcmp
memset
floor
_iob
_filbuf
fscanf
fclose
strcmp
calloc
realloc
fflush
free
_assert
ftell

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

UnhookWindowsHookEx
DestroyWindow
ReleaseDC
FillRect
GetParent
wsprintfA
GetDC
SetWindowsHookExA
ClientToScreen
GetDesktopWindow
MessageBoxA
GetClientRect
GetWindowRect
WindowFromDC
GetWindowThreadProcessId

gdi32

GetRasterizerCaps
GetPixelFormat
DescribePixelFormat
GetOutlineTextMetricsA
GetGlyphOutlineA
BitBlt
GetObjectType
CreateCompatibleDC
SetDIBColorTable
DeleteObject
CreateSolidBrush
GetPaletteEntries
GetCurrentObject
CreateFontIndirectA
CreateCompatibleBitmap
DeleteDC
GetObjectA
GetDeviceCaps
CreateDIBSection
ExtEscape
SelectObject

Exports

Exports

Clear
FlagsFilenameEx
ReplaceErrors
read_init_2
set_filter
vGetToken

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53f24f04e1607f04baa23c8b53c8f7fb

Headers

File Characteristics

Imports

ddraw

kernel32

msvcrt

advapi32

user32

gdi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 84KB - Virtual size: 83KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 84KB - Virtual size: 83KB

.reloc
Size: 8KB - Virtual size: 7KB