92fbef6523bfa5a7783d5faff876154facea176ce90b58d93f62cf1e17e5d39a

Sharing

Copy URL Twitter E-mail

General

Target

92fbef6523bfa5a7783d5faff876154facea176ce90b58d93f62cf1e17e5d39a
Size

428KB
MD5

869a88b36fe96d0743d3ecd3c4c24350
SHA1

97338db55913a878dbe9c8211061d0336a608726
SHA256

92fbef6523bfa5a7783d5faff876154facea176ce90b58d93f62cf1e17e5d39a
SHA512

5eae7f08cb848e4f5769836eceff71e886cc0fe63b9d2ed8ffe5c8c74d0f39097171cf1a452f31da1def8c5a38b62aae8b38bfec78ef2bd2e5336ebdac1ea22f
SSDEEP

6144:G+1jvV43msHbKSrXhJ9qDpGn2YFTrXh1XTZbESRusHeKgdUg1:NjvV43XbKeJ9CpGn/jZQSRxHeRdU+

Score

N/A

Malware Config

Signatures

Files

92fbef6523bfa5a7783d5faff876154facea176ce90b58d93f62cf1e17e5d39a
.dll windows x86

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

kernel32

GetLastError
GlobalAlloc
GetCurrentThreadId
DeleteCriticalSection
GetModuleFileNameA
Sleep
GlobalFree
WriteFile
GetDateFormatA
SetThreadPriority
TlsGetValue
GetStartupInfoA
LeaveCriticalSection
GetTempPathA
FreeLibrary
VirtualFree
GetProcAddress
TlsAlloc
VirtualAlloc
CreateFileA
SetLastError
GetTickCount
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
InitializeCriticalSection
GlobalSize
EnterCriticalSection
GetCurrentThread

msvcrt

memset
atol
fread
memcpy
fopen
_ftol
free
sprintf
strncmp
fprintf
ftell
rand
ungetc
sscanf
realloc
_stricmp
bsearch
fflush
_CIpow
getenv
fgets
sqrt
calloc
floor
strcpy
qsort
_assert
printf
strtok
abort
memmove
strcmp
atof
memcmp
fclose
atoi
strstr
_iob
_filbuf
fseek
malloc
exit
fscanf
fwrite

gdi32

SelectObject
CreateSolidBrush
DeleteDC
CreateFontIndirectA
BitBlt
GetObjectType
DeleteObject
GetOutlineTextMetricsA
CreateCompatibleBitmap
DescribePixelFormat
CreateDIBSection
CreateCompatibleDC
GetGlyphOutlineA
GetRasterizerCaps
GetObjectA
SetDIBColorTable
GetPixelFormat
GetCurrentObject
GetPaletteEntries
GetDeviceCaps
ExtEscape

user32

GetDesktopWindow
UnhookWindowsHookEx
GetClientRect
GetWindowThreadProcessId
FillRect
GetParent
GetDC
wsprintfA
DestroyWindow
ClientToScreen
ReleaseDC
MessageBoxA
GetWindowRect
WindowFromDC

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

AcquireThread
GetItem
StreamWriter
write_end
write_png

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

Imports

ddraw

kernel32

msvcrt

gdi32

user32

advapi32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 184KB - Virtual size: 182KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 76KB - Virtual size: 72KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 184KB - Virtual size: 182KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 76KB - Virtual size: 72KB

.reloc
Size: 8KB - Virtual size: 7KB