95f263816c25069186de47e9a79c8362f9cc0a5cbeed25a416849c609274965b

Sharing

Copy URL Twitter E-mail

General

Target

95f263816c25069186de47e9a79c8362f9cc0a5cbeed25a416849c609274965b
Size

304KB
MD5

2454e76ad04193ecd915e485fabce8c0
SHA1

43f2a22b836c91ce5d0e3a343c80a4d3d0edeaea
SHA256

95f263816c25069186de47e9a79c8362f9cc0a5cbeed25a416849c609274965b
SHA512

ecfca3c63c97139658d9c0595f5cfd83e5999390fce80cda73a6b5bd117423b10a32757e3b358262102bd765ac78710d733057e6995cd70e1255aa6d1e684f9c
SSDEEP

6144:WU9DYuHHl3aLo5u3wTXWwd910qa9wEUaoKkuKgmeWwPKWuD:Wc7HlaLokSGw2WEyKkuKeWsKD

Score

N/A

Malware Config

Signatures

Files

95f263816c25069186de47e9a79c8362f9cc0a5cbeed25a416849c609274965b
.dll windows x86

795cf82bac5300932ca971e10e39dadc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetClientRect
GetWindowRect
ReleaseDC
ClientToScreen
FillRect
GetDC
DestroyWindow
UnhookWindowsHookEx
CallNextHookEx
GetActiveWindow
wsprintfA
GetWindowThreadProcessId
GetWindowLongA
SetWindowsHookExA
GetParent
GetDesktopWindow
WindowFromDC

gdi32

GetDIBits
SelectObject
DeleteDC
GetPaletteEntries
GetGlyphOutlineA
GetOutlineTextMetricsA
DescribePixelFormat
CreateCompatibleDC
GetRasterizerCaps
GetPixelFormat
DeleteObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleBitmap
GetObjectA
GetDeviceCaps
CreateFontIndirectA
GetCurrentObject
CreateSolidBrush
BitBlt
GetObjectType
ExtEscape

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

msvcrt

realloc
_iob
malloc
sprintf
fread
ungetc
abort
floor
_ftol
fwrite
fopen
fclose
bsearch
fseek
printf
fgets
exit
strtok
rand
_stricmp
ceil
fflush
sqrt
atof
_assert
sscanf
ftell
strncmp
memmove
strcmp
fprintf
_filbuf
free
strcpy
memset
qsort
_CIpow
memcmp
atol
fscanf
strstr
atoi
calloc
getenv
memcpy

ddraw

DirectDrawCreate

kernel32

InitializeCriticalSection
GlobalFree
GetLastError
GetModuleFileNameA
GetDateFormatA
Sleep
WriteFile
SetThreadPriority
GlobalSize
DeleteCriticalSection
LeaveCriticalSection
VirtualFree
TlsGetValue
GlobalAlloc
EnterCriticalSection
GetProcAddress
TlsFree
GetCurrentThreadId
VirtualAlloc
CreateFileA
TlsAlloc
OutputDebugStringA
SetLastError
FreeLibrary
GetThreadSelectorEntry
GetTickCount
GetModuleHandleA
GetStartupInfoA
GetVersionExA
LoadLibraryA
GetTempPathA
TlsSetValue
SetPriorityClass
GetCurrentThread

Exports

Exports

BytesWarning
Int_FromSsize_t
KeyboardInterrupt
free_default
read_image

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

795cf82bac5300932ca971e10e39dadc

Headers

File Characteristics

Imports

user32

gdi32

advapi32

msvcrt

ddraw

kernel32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 76KB - Virtual size: 74KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 76KB - Virtual size: 74KB

.reloc
Size: 8KB - Virtual size: 7KB