895e7c1ee5c1902ac40fe242eb10d9a77534186bb6e14c2b063f68889968fc69

Sharing

Copy URL Twitter E-mail

General

Target

895e7c1ee5c1902ac40fe242eb10d9a77534186bb6e14c2b063f68889968fc69
Size

332KB
MD5

08126b254b3719e918e32a0ad6e4c827
SHA1

89757ba9adef5ed476c2bc62435f423d7d121d54
SHA256

895e7c1ee5c1902ac40fe242eb10d9a77534186bb6e14c2b063f68889968fc69
SHA512

4ac5c2e579c56acb59b96b5d29c3311a0c2b711e1d333001b1e44fee3000b05c600fb69b1f4cc7629d4f32a0dac753f6ddd15acdeb1702019b736a5fe711e05c
SSDEEP

6144:iBX0NwF96GBq7QJq4fAjyBzQZRLCLNnGPLiZqyJ9/dZuXliLcUJJR7fKoTigrMpT:iKIZSeBGR+qin8JrVmxf/xAPsEH

Score

N/A

Malware Config

Signatures

Files

895e7c1ee5c1902ac40fe242eb10d9a77534186bb6e14c2b063f68889968fc69
.dll windows x86

e97b74a0f2ea1531be3dc3b14202a351

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDesktopFolder
SHGetInstanceExplorer
SHGetMalloc
SHAddToRecentDocs

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromGUID2

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey

kernel32

GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GetACP
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
SizeofResource
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FlushInstructionCache
FreeLibrary
GlobalHandle

oleaut32

VarUI4FromStr
VariantClear
VariantInit
SysStringByteLen
SysFreeString
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
SysStringLen

gdi32

GetStockObject
GetObjectA
GetDeviceCaps
RestoreDC
SaveDC
SelectObject
SetBkMode
SetGraphicsMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
ModifyWorldTransform
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject

user32

wsprintfA
UnregisterClassA
SetWindowTextA
SetWindowPos
SetWindowLongA
SetWindowContextHelpId
SetFocus
BeginPaint
CallWindowProcA
CharNextA
CreateAcceleratorTableA
CreateWindowExA
DefWindowProcA
DestroyAcceleratorTable
DestroyWindow
DialogBoxIndirectParamA
EnableWindow
EndDialog
EndPaint
FillRect
GetActiveWindow
GetClassInfoExA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetParent
GetSysColor
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
InvalidateRect
InvalidateRgn
IsChild
IsWindow
LoadCursorA
LoadStringA
MapDialogRect
MessageBoxA
PtInRect
RedrawWindow
RegisterClassExA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetCursor

comctl32

ord17

ddraw

DirectDrawEnumerateA
DSoundHelp

Exports

Exports

ColorAdjustSaturation
CreateEffectPool
CreateSkinInfoFromBlendedMesh
CreateTextW
CreateTextureFromFileW
DebugMute
GetRTFOptions
MatrixOrthoOffCenterRH
MatrixTranspose
QuaternionNormalize
TessellateRectPatch
mpegInGetNextFrameTS
mpegInOpenExisting

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e97b74a0f2ea1531be3dc3b14202a351

Headers

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

oleaut32

gdi32

user32

comctl32

ddraw

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 188KB - Virtual size: 188KB

.data Size: 42KB - Virtual size: 43KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 188KB - Virtual size: 188KB

.data
Size: 42KB - Virtual size: 43KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 3KB - Virtual size: 2KB