840a609768429c36b8a40d607c15455b1faa0f8f424ccb56dea8160d84bab909

General

Target

840a609768429c36b8a40d607c15455b1faa0f8f424ccb56dea8160d84bab909
Size

180KB
MD5

e85985e115602813201713e09104e07f
SHA1

afdf99dc1c73c7a21916838aa279f1659b7028f1
SHA256

840a609768429c36b8a40d607c15455b1faa0f8f424ccb56dea8160d84bab909
SHA512

25ed366d188bfcc43902def653dfa40fae2233f31d872f1c43154a5ff2fb94e1586eeecab1b61dc184a8fbf6362d5dcf123555321e36d537076f3432e172b3e6
SSDEEP

3072:EuMX3+I7Dn9qpDL4DZ91oDT5xO2q4jEJyKx5b+qGJ6ayZLhzJWft:1+wpoDiLxYP5KqGcZLhE

Score

N/A

Malware Config

Signatures

Files

840a609768429c36b8a40d607c15455b1faa0f8f424ccb56dea8160d84bab909
.dll windows x86

768ba8fb3680dc23057b742712900845

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
IsWindow

shell32

SHGetSpecialFolderLocation
SHCreateDirectoryExW
CommandLineToArgvW

kernel32

ExitProcess
FindFirstFileW
FindNextFileW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
lstrlenW
InterlockedExchange

msvcrt

_cexit
_controlfp
_exit
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
_XcptFilter
__getmainargs

gdi32

PolyDraw
ArcTo

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

AAuxDecode
AInputSegment
AStatus
CreateLogFile
CreateTexture
CryptFreeFunc
DeleteContext
DescribeMcdPixelFormat
GetLogInfo
GetTableColumnInfo
HrRewindStream
IUnknownList_CreateInstance
UlStripWhitespace

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

768ba8fb3680dc23057b742712900845

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

msvcrt

gdi32

advapi32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 410B

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 410B