4cbdf537a1258ff56395c7980960d51682c2829da427ed033f1c9b46a4fe58eb

General

Target

4cbdf537a1258ff56395c7980960d51682c2829da427ed033f1c9b46a4fe58eb
Size

23KB
MD5

c75358e8fa489212fd71d5c9681dbab0
SHA1

bae1a30b307015f597e7c9a32b158bb62ebd4028
SHA256

4cbdf537a1258ff56395c7980960d51682c2829da427ed033f1c9b46a4fe58eb
SHA512

6897f4cecbecc04632b3ec974b3ea86635487851b0ddbcd572cda8e6c72a866859709f59a76ae270fc3138f8715a79752f4890dd6c24225f5bb0dd20dca63470
SSDEEP

384:21WCtfUbzDC2lOc73PWj5TFwbY9k2ZFaqN++XPYZ+WQ5:0WCtfYDC2r7cwM9kIPXQsL

Score

N/A

Malware Config

Signatures

Files

4cbdf537a1258ff56395c7980960d51682c2829da427ed033f1c9b46a4fe58eb
.dll windows x86

f147016601faafb6f054d582cfe36dfa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetTempPathA
LoadLibraryA
GetLastError
ReadFile
GetFileSize
CreateFileA
lstrcatA
lstrcpynA
lstrlenA
SetFilePointer
VirtualProtect
IsBadReadPtr
GetProcessHeap
HeapAlloc
OutputDebugStringA
GetPrivateProfileStringA
GetModuleHandleA
GetProcAddress
Sleep
CreateToolhelp32Snapshot
Process32First
WideCharToMultiByte
VirtualQueryEx
OpenProcess
ReadProcessMemory
GetFileAttributesW
Process32Next
CloseHandle
GetModuleFileNameA
CreateThread

msvcrt

strncpy
strrchr
strcat
_except_handler3
exit
printf
malloc
__CxxFrameHandler
memcpy
strstr
_vsnprintf
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
strcmp
strcpy
wcsstr
wcscpy
wcsncat
wcslen
_strdup
_strlwr
strlen
mbstowcs
??2@YAPAXI@Z
wcscmp
??3@YAXPAX@Z
memset
free
sprintf

gdiplus

GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageEncoders
GdipSaveImageToFile
GdipGetImageEncodersSize

gdi32

DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateDCA
DeleteObject

user32

GetWindowTextW
GetClassNameW
GetForegroundWindow
wsprintfA
GetWindow

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f147016601faafb6f054d582cfe36dfa

Headers

File Characteristics

Imports

kernel32

msvcrt

gdiplus

gdi32

user32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB