4f646ba7d21c99818b56165e92f0b22a7bbade3306d99f53ce142766591498f5

Sharing

Copy URL Twitter E-mail

General

Target

4f646ba7d21c99818b56165e92f0b22a7bbade3306d99f53ce142766591498f5
Size

340KB
MD5

4e8964660c82c2a659c7d2848b219540
SHA1

2d0651e8b132348b5da9006f54b647df71e757dd
SHA256

4f646ba7d21c99818b56165e92f0b22a7bbade3306d99f53ce142766591498f5
SHA512

5b95af0fb891a2cc5ca846aa6951f01de761d682b34554b26a83d791cd9ff3512217ba4caa8c4f734ef22765ebeacd88f7c0e520255e5d17e5d7a8726d131736
SSDEEP

6144:vImzMiw0Ni47bvi4Z03QlJUd0YjXVt6WVJggxAH1ilrtWm:vImwvQjfi80mKjbW

Score

N/A

Malware Config

Signatures

Files

4f646ba7d21c99818b56165e92f0b22a7bbade3306d99f53ce142766591498f5
.dll windows x86

13fc26f18bf17c212add5ba663c549a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetDIBColorTable
GetGlyphOutlineA
GetRasterizerCaps
BitBlt
CreateDIBSection
GetDeviceCaps
GetObjectA
CreateSolidBrush
SelectObject
CreateFontIndirectA
GetPaletteEntries
DeleteObject
GetOutlineTextMetricsA
GetCurrentObject
GetPixelFormat
DescribePixelFormat
CreateCompatibleBitmap
GetObjectType
CreateCompatibleDC
GetDIBits

kernel32

InitializeCriticalSection
SetThreadPriority
GetCurrentThreadId
GetTempPathA
GetThreadSelectorEntry
GlobalFree
GetCurrentThread
FreeLibrary
GlobalAlloc
EnterCriticalSection
OutputDebugStringA
GetTickCount
LoadLibraryA
GetModuleFileNameA
DeleteCriticalSection
VirtualAlloc
CreateFileA
TlsGetValue
WriteFile
LeaveCriticalSection
TlsAlloc
GetVersionExA
GetProcAddress
Sleep
GetStartupInfoA
GetModuleHandleA
VirtualFree
TlsSetValue
GetLastError
SetLastError
TlsFree
GetDateFormatA
GlobalSize

ddraw

DirectDrawCreate

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

user32

ReleaseDC
GetDesktopWindow
WindowFromDC
DestroyWindow
GetDC
GetParent
ClientToScreen
FillRect
GetActiveWindow
GetWindowRect
GetClientRect
UnhookWindowsHookEx
GetWindowThreadProcessId
SetWindowsHookExA
MessageBoxA
wsprintfA

msvcrt

fopen
_stricmp
_assert
fprintf
bsearch
exit
malloc
memset
fclose
fwrite
sprintf
memmove
free
_CIpow
memcmp
atof
fscanf
_iob
sscanf
fseek
strncmp
calloc
floor
qsort
abort
fread
strcmp
strstr
fflush
_filbuf
memcpy
strtok
printf
rand
strcpy
realloc
atoi
sqrt
ungetc
getenv
atol
fgets
ftell
_ftol

Exports

Exports

AsEncodedObject
ClearFreeList
Decoder
GetImporter
GivenExceptionMatches
SetItem
_rowbytes_threshold

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13fc26f18bf17c212add5ba663c549a4

Headers

File Characteristics

Imports

gdi32

kernel32

ddraw

advapi32

user32

msvcrt

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 8KB - Virtual size: 7KB