157025e21bba3c0d505a5cef5ac7e24196f05a47be48837559f457dceb3f8e3d

Sharing

Copy URL Twitter E-mail

General

Target

157025e21bba3c0d505a5cef5ac7e24196f05a47be48837559f457dceb3f8e3d
Size

292KB
MD5

799bf4f65e5aedf9eed3e03594685110
SHA1

727c00c17df134c677add9e4b41a13115dd2c486
SHA256

157025e21bba3c0d505a5cef5ac7e24196f05a47be48837559f457dceb3f8e3d
SHA512

7229cffecb8a339d0058801b41a085414a5d962af77fd914a6c097eb8a82e1e34b73de88e4b602867dc303aaed5c7223a8cfe104669cac5ed21e824dd2d96fcd
SSDEEP

6144:cUYY5sSNh5/MTOV//Yv2wp/eHyKTssEFXRd08l:cUYyJ5/MTOVnH5yP

Score

N/A

Malware Config

Signatures

Files

157025e21bba3c0d505a5cef5ac7e24196f05a47be48837559f457dceb3f8e3d
.dll windows x86

6963ea6fcd3aa042426a39ba747cc260

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
UnhookWindowsHookEx
ReleaseDC
GetParent
MessageBoxA
DestroyWindow
WindowFromDC
GetWindowRect
GetClientRect
GetDC
FillRect
wsprintfA
ClientToScreen
GetDesktopWindow

ddraw

DirectDrawCreate

msvcrt

atof
free
_iob
bsearch
malloc
_stricmp
calloc
strncmp
strcpy
fopen
sqrt
fwrite
qsort
ftell
strcmp
sscanf
printf
floor
memcmp
atoi
sprintf
rand
fread
realloc
_filbuf
exit
_CIpow
fscanf
getenv
fclose
fseek
fprintf
memcpy
abort
strstr
fflush
_ftol
atol
memset
_assert
fgets
memmove
strtok
ungetc

kernel32

TlsFree
CreateFileA
GetTickCount
GetCurrentThread
TlsSetValue
GetProcAddress
LeaveCriticalSection
LoadLibraryA
GlobalFree
SetThreadPriority
GetVersionExA
EnterCriticalSection
Sleep
GlobalSize
GetModuleHandleA
VirtualAlloc
GlobalAlloc
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
WriteFile
GetModuleFileNameA
VirtualFree
GetDateFormatA
GetTempPathA
SetLastError
GetLastError
GetCurrentThreadId
FreeLibrary
GetStartupInfoA
TlsGetValue

gdi32

CreateSolidBrush
GetObjectType
SetDIBColorTable
GetCurrentObject
DeleteObject
GetPixelFormat
GetOutlineTextMetricsA
CreateCompatibleDC
CreateFontIndirectA
DeleteDC
BitBlt
CreateCompatibleBitmap
ExtEscape
CreateDIBSection
GetPaletteEntries
GetGlyphOutlineA
GetDeviceCaps
GetRasterizerCaps
DescribePixelFormat
GetObjectA
SelectObject

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

GetCode
InPlaceLshift
InPlaceSubtract
MergeFromSeq2
SetInterrupt
_InitInterrupts

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6963ea6fcd3aa042426a39ba747cc260

Headers

File Characteristics

Imports

user32

ddraw

msvcrt

kernel32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 80KB - Virtual size: 78KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 80KB - Virtual size: 78KB

.reloc
Size: 8KB - Virtual size: 6KB