036bd17c0eec0fabb5828d003daa05405ce5aebde6b09a0871f4a200590db365

General

Target

036bd17c0eec0fabb5828d003daa05405ce5aebde6b09a0871f4a200590db365
Size

60KB
MD5

fba84a03df4b5cc4d524adae76068720
SHA1

0f99820e557230ebaf420917b4ef80880df8ff93
SHA256

036bd17c0eec0fabb5828d003daa05405ce5aebde6b09a0871f4a200590db365
SHA512

d80b7f823f4d6dcf245c21a07049664d2f02859f6ced6678a5e3428473ec321a103e37b1bd440e0bc91db3dbc3df6695bbbb504979e07617666409210d92adb5
SSDEEP

768:sAACqlhXbHEqhsI+8lPFrcc/noPAknnCFaWIli5c3ZS7AlivMgANHEthb6oCYc+U:sA3GLfsMRFGY3rqJSUlivMathWoCd1

Score

N/A

Malware Config

Signatures

Files

036bd17c0eec0fabb5828d003daa05405ce5aebde6b09a0871f4a200590db365
.dll windows x86

1a85127b939645fa1fece97e09781a36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
MapViewOfFile
GetCurrentProcess
GetModuleHandleW
Sleep
ReadProcessMemory
GetProcAddress
DisableThreadLibraryCalls
LoadLibraryA
CreateFileMappingA
GetModuleHandleA
VirtualProtect
GetVersionExA
CloseHandle
OpenFileMappingA
WriteProcessMemory
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
InterlockedCompareExchange
InterlockedExchange
GetTickCount
GetCurrentThreadId
QueryPerformanceCounter

user32

GetSystemMetrics
ScreenToClient
GetForegroundWindow
GetAsyncKeyState
GetCursorPos

msvcr90

??2@YAPAXI@Z
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
vsprintf_s
malloc
free
sprintf
_CIsqrt
_CIsin
_CIcos
_CIatan2
_CIatan

winmm

sndPlaySoundA

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a85127b939645fa1fece97e09781a36

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr90

winmm

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 2KB - Virtual size: 2KB