81e580ab94ba8ec309e050789c9d1edf2d5163530defaec38ac5df725da4690c

General

Target

81e580ab94ba8ec309e050789c9d1edf2d5163530defaec38ac5df725da4690c
Size

600KB
MD5

c1978d6fc21e159fc38994cb7063b5c0
SHA1

d6b0b6ae198b6bb1f632dc9ed1d8efa6dd72dd8f
SHA256

81e580ab94ba8ec309e050789c9d1edf2d5163530defaec38ac5df725da4690c
SHA512

1ec7279bf35b7889914c3147853b4829b68ce15c75c0ba43bdf6443deff82251c4393ef27dbd21dbb81ceda308aca28424fbf6a744d243190fb5b0262a6a8250
SSDEEP

12288:j+uWlKarl/PJV56qlfZxkKs6gOzIZssyllKuv+fd31S8A:MYaZ3JOmk6fkKBTRWdFn

Score

N/A

Malware Config

Signatures

Files

81e580ab94ba8ec309e050789c9d1edf2d5163530defaec38ac5df725da4690c
.dll windows x86

5ea2cc7d423d4d29ad3fd9d0196586a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

strcmp
abort
bsearch
strncmp
_ftol
fseek
fwrite
fgets
atol
memcpy
_iob
sqrt
ftell
rand
strstr
fread
fclose
calloc
_stricmp
strcpy
getenv
strtok
memset
malloc
memmove
fopen
_assert
free
sprintf
_CIpow
atoi
fprintf
printf
realloc
exit
sscanf

user32

MessageBoxA
UnhookWindowsHookEx
PrintWindow
GetClientRect
wsprintfA
GetParent
GetWindowThreadProcessId
WindowFromDC
GetDC

kernel32

LeaveCriticalSection
InitializeCriticalSection
GetCurrentThreadId
LoadLibraryA
GetModuleHandleA
SetThreadPriority
VirtualFree
VirtualAlloc
CreateFileA
GetProcAddress
GlobalFree
GetStartupInfoA
SetLastError
DeleteCriticalSection
QueryPerformanceCounter
GetDateFormatA
FlushConsoleInputBuffer
GetModuleFileNameA
GetTickCount
GlobalAlloc
TlsGetValue
Sleep
GetLastError
EnterCriticalSection
IsBadReadPtr
GlobalSize
TlsAlloc
FreeLibrary
TlsSetValue
TlsFree
GetVersionExA
GetCurrentThread

Exports

Exports

AddPyObjectTo
GetFuncDesc
SetBufSize
SetString
UnicodeDecodeError
_strtoul

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ea2cc7d423d4d29ad3fd9d0196586a1

Headers

File Characteristics

Imports

advapi32

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 204KB - Virtual size: 202KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 204KB - Virtual size: 202KB

.reloc
Size: 8KB - Virtual size: 7KB