9c3d078d6ab238f84fdebb95a2c7e1169af2f5eec8f79cb347c31d2356816a8e

Sharing

Copy URL Twitter E-mail

General

Target

9c3d078d6ab238f84fdebb95a2c7e1169af2f5eec8f79cb347c31d2356816a8e
Size

312KB
MD5

bd2c14fcd2868f0fdbb6e61c0cae1080
SHA1

27542f1a0fb7d9871007b056f29aadf98eef29f8
SHA256

9c3d078d6ab238f84fdebb95a2c7e1169af2f5eec8f79cb347c31d2356816a8e
SHA512

d7591e976d16efd052e9994bcc29e6d8ae03ac1f4ee2c515fe12c10b2c3d6b1adbbf1aeb5c3347a63c52a193183b85dd2eb5eadddd06741cf1c6774c80ec015e
SSDEEP

6144:Ig7QrFfNFO7WuKrBZa1l0NGV9sX3EKZKjswrXo5YN7EdrINq:GrFVFOauKtZqlsEuX33Kgjoxq

Score

N/A

Malware Config

Signatures

Files

9c3d078d6ab238f84fdebb95a2c7e1169af2f5eec8f79cb347c31d2356816a8e
.dll windows x86

543138e33cd816b5025f41501ca20df8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnhookWindowsHookEx
GetWindowThreadProcessId
wsprintfA
GetDC
DestroyWindow
GetParent
MessageBoxA
FillRect
WindowFromDC
ClientToScreen
ReleaseDC
GetDesktopWindow
GetWindowRect
GetClientRect

kernel32

VirtualAlloc
GlobalFree
WriteFile
GetTickCount
GetCurrentThreadId
GetVersionExA
SetThreadPriority
GetLastError
GetCurrentThread
GetProcAddress
FreeLibrary
CreateFileA
Sleep
LeaveCriticalSection
GlobalAlloc
EnterCriticalSection
InitializeCriticalSection
LoadLibraryA
DeleteCriticalSection
TlsSetValue
SetLastError
GetDateFormatA
GetStartupInfoA
GetModuleFileNameA
TlsAlloc
VirtualFree
GetTempPathA
GlobalSize
TlsFree
TlsGetValue
GetModuleHandleA

ddraw

DirectDrawCreate

gdi32

GetGlyphOutlineA
SetDIBColorTable
GetRasterizerCaps
DescribePixelFormat
GetObjectA
ExtEscape
GetCurrentObject
CreateCompatibleBitmap
BitBlt
CreateDIBSection
DeleteObject
GetPaletteEntries
GetOutlineTextMetricsA
SelectObject
DeleteDC
GetPixelFormat
GetObjectType
CreateCompatibleDC
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush

msvcrt

memcpy
fclose
memset
memmove
_stricmp
fwrite
atof
_CIpow
printf
strcmp
getenv
memcmp
ftell
strncmp
realloc
_ftol
rand
fgets
qsort
fscanf
strcpy
exit
strtok
fopen
fprintf
_filbuf
atol
ungetc
bsearch
abort
malloc
fseek
sscanf
sqrt
_assert
fflush
atoi
_iob
sprintf
floor
fread
free
strstr
calloc

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

AcquireThread
GetItem
StreamWriter
write_end
write_png

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

543138e33cd816b5025f41501ca20df8

Headers

File Characteristics

Imports

user32

kernel32

ddraw

gdi32

msvcrt

advapi32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 84KB - Virtual size: 81KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 84KB - Virtual size: 81KB

.reloc
Size: 8KB - Virtual size: 6KB