9dda91e25c564b8468db7978a22166246abf5d8122829c20afa1148a21e8b8e2

General

Target

9dda91e25c564b8468db7978a22166246abf5d8122829c20afa1148a21e8b8e2
Size

304KB
MD5

6bdf03f599fe82e180663d35ece23310
SHA1

82c10dd9af417f02215aaad040bafa193669f73f
SHA256

9dda91e25c564b8468db7978a22166246abf5d8122829c20afa1148a21e8b8e2
SHA512

d99604729c417bfab8bf794e2e4f410f1bb92400f3d773a6e5c2c70e5c6e618da6ba20fff9bcfd85a1f07494667b29d073301d51cd43657d8b01515c22f010ea
SSDEEP

6144:nwv/mU+3F7kIBdgijWuytUCVvKR2so0EO:4/MBGuEThKRLM

Score

N/A

Malware Config

Signatures

Files

9dda91e25c564b8468db7978a22166246abf5d8122829c20afa1148a21e8b8e2
.dll windows x86

bce968462cf93ed7a9b341475aa1e3ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClientToScreen
MessageBoxA
wsprintfA
UnhookWindowsHookEx
GetClientRect
GetWindowRect
GetDesktopWindow
ReleaseDC
GetProcessDefaultLayout
FillRect
GetDC
GetWindowThreadProcessId
WindowFromDC
DestroyWindow
GetParent

msvcrt

_assert
strtok
fseek
sprintf
_CIpow
fprintf
printf
strcmp
rand
free
fgets
strcpy
realloc
calloc
memcmp
fread
ungetc
_ftol
atof
fopen
exit
memset
abort
memmove
sqrt
_stricmp
sscanf
atoi
strstr
bsearch
memcpy
_iob
ftell
fclose
atol
fwrite
strncmp
malloc
getenv

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

TlsGetValue
EnterCriticalSection
SetThreadPriority
InitializeCriticalSection
GetFileSize
GetProcAddress
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
FreeLibrary
GetTickCount
CreateFileA
GetStartupInfoA
WriteFile
GlobalSize
GetDateFormatA
VirtualFree
LoadLibraryA
GlobalFree
GetModuleFileNameA
GlobalAlloc
GetLastError
GetTempPathA
GetModuleHandleA
SetLastError
GetVersionExA
LeaveCriticalSection
GetCurrentThread
VirtualAlloc
TlsFree
Sleep

Exports

Exports

LookupError
ReferenceError
SaveThread
create_write_struct
get_PLTE
write_end

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bce968462cf93ed7a9b341475aa1e3ad

Headers

File Characteristics

Imports

user32

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 8KB - Virtual size: 7KB