4069047ab0575e55bde7ba4a1152c2b89cc34f0bf283b4ab9a19ea1945459b0f

Sharing

Copy URL Twitter E-mail

General

Target

4069047ab0575e55bde7ba4a1152c2b89cc34f0bf283b4ab9a19ea1945459b0f
Size

328KB
MD5

febccbfcf3a3afb39227c917bc3ccc2f
SHA1

7fd1afaa031d6a62cc3ad9c163ac779096dd886e
SHA256

4069047ab0575e55bde7ba4a1152c2b89cc34f0bf283b4ab9a19ea1945459b0f
SHA512

8d6c75a7fdae8b5f16f4fd6d987f5589010d57b201eedcd88cfad774e33800a42724a5d8b6b7dcc3d60a21514f15a19c1e9fd90e12c14407e26068c316c6743c
SSDEEP

6144:FEDdb0huXDvgarA5I3jjiImyeziP7u//+AYZvqd+qAO0z4uAsWH5y:WehmQkKcjcFYlsPF0z4uBWZy

Score

N/A

Malware Config

Signatures

Files

4069047ab0575e55bde7ba4a1152c2b89cc34f0bf283b4ab9a19ea1945459b0f
.dll windows x86

4c5de46144b7a7771d49d0db72fc902c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_strupr
wcstombs
wcslen
setlocale
_vsnprintf
strpbrk
toupper
_fullpath
_purecall
vsprintf
memmove
qsort
_CIpow
_strlwr
_global_unwind2
_local_unwind2
strncmp
_strnicmp
strtol
strtoul
strstr
_stricmp
strrchr
isprint
strncpy
sprintf
_ftol

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
GetUserNameA

comdlg32

GetSaveFileNameA

gdi32

DeleteDC
CreateDIBitmap
DeleteObject
CreateRectRgn
CombineRgn
GdiFlush
GetRegionData
RectInRegion
GetStockObject
SetTextColor
GetCharABCWidthsA
SetBkMode
SelectObject
GetTextExtentPoint32A
SetTextAlign
GetCurrentObject
GetTextMetricsA
CreateCompatibleDC
CreateFontA
SetBkColor
SelectPalette
CreatePalette
GetSystemPaletteEntries
RealizePalette
SetPaletteEntries
GetDeviceCaps
GetDIBits
ExtTextOutA
Rectangle

kernel32

GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedDecrement
GetComputerNameA
GetLocalTime
GetModuleFileNameA
InterlockedIncrement
IsBadWritePtr
GetCurrentThread
GetLastError
GetCurrentProcess
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
WriteFile
CreateFileA
ReadFile
GetFileSize
GetCommandLineA
GetTickCount
MulDiv
GetCurrentProcessId
LockResource
LoadResource
FindResourceA
FreeResource
SizeofResource
ExitProcess
HeapFree
GetProcessHeap
GetCurrentThreadId
TerminateProcess
GetExitCodeProcess
GetVersion
GetFileAttributesA
CreateDirectoryA
OutputDebugStringA
FindClose
FindFirstFileA
FormatMessageA
HeapAlloc
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetEvent
WaitForSingleObject
SetFilePointer
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
SetThreadPriority
CreateThread
CreateEventA
VirtualFree
FlushFileBuffers
VirtualAlloc
GetSystemInfo
VirtualUnlock
FindNextFileA
SystemTimeToFileTime
GetSystemTime
VirtualLock
Sleep
CreateProcessA
DeleteFileA
GetACP
GetTempFileNameA

user32

DefDlgProcA
SendDlgItemMessageA
wsprintfA
LoadStringA
BeginPaint
SetClassLongA
GetClassLongA
GetUpdateRgn
GetWindowLongA
IsWindow
GetPropA
GetClassNameA
GetParent
GetClientRect
IsIconic
IsWindowVisible
GetDesktopWindow
GetWindow
IntersectRect
ClientToScreen
ShowCursor
GetCursorPos
GetTopWindow
ScreenToClient
GetWindowRect
PostMessageA
GetClassInfoA
RegisterClassA
LoadCursorA
DefWindowProcA
InvalidateRect
SetPropA
EndPaint
DrawTextA
GetWindowTextA
GetWindowTextLengthA
SendMessageA
GetDlgCtrlID
RemovePropA
SetWindowLongA
SetDlgItemTextA
CallWindowProcA
SetActiveWindow
GetActiveWindow
EnableWindow
IsWindowEnabled
ReleaseDC
GetDC
SetCursor
DrawFocusRect
DrawEdge
CreateWindowExA
SetFocus
DispatchMessageA
TranslateMessage
PostQuitMessage
PeekMessageA
ShowWindow
AdjustWindowRectEx
GetWindowThreadProcessId
GetFocus
EndDialog
DestroyWindow
IsDialogMessageA
GetDlgItem
FindWindowExA
LoadIconA
CreateCursor
GetSystemMetrics
MessageBoxA
GetForegroundWindow
DestroyCursor
GetMessageA
GetDlgItemTextA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c5de46144b7a7771d49d0db72fc902c

Headers

File Characteristics

Imports

crtdll

advapi32

comdlg32

gdi32

kernel32

user32

version

Sections

.text Size: 228KB - Virtual size: 224KB

.rdata Size: 52KB - Virtual size: 49KB

.data Size: 12KB - Virtual size: 27KB

.CRT Size: 4KB - Virtual size: 244B

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 228KB - Virtual size: 224KB

.rdata
Size: 52KB - Virtual size: 49KB

.data
Size: 12KB - Virtual size: 27KB

.CRT
Size: 4KB - Virtual size: 244B

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 16KB - Virtual size: 12KB