5ca681b865dbe654c7fa25948e0331c617f5b4b70d4a8454d517555027b4129b

General

Target

5ca681b865dbe654c7fa25948e0331c617f5b4b70d4a8454d517555027b4129b
Size

389KB
MD5

916f6a1a9eb53df0eda2536cb11c6be2
SHA1

3f2c9a8af1d3b03eeedd9ef351c612b8b257acee
SHA256

5ca681b865dbe654c7fa25948e0331c617f5b4b70d4a8454d517555027b4129b
SHA512

69c71e169ae1453919cf581f32b045ec2c8aec4c06cc97b0ffaecc422251867b9922e706022260550a2adf66a151bc2d8eecbf0454f6357f84604ba08111625e
SSDEEP

6144:xEZh47VkyceAmQdyBIPrcRfQdwhp6vzrCIXhsEgtM0Dwo5Nfcp3/eQPVO2P4cWb:S47grdehIdJ/CIiEMM0Db+/eKExck

Score

N/A

Malware Config

Signatures

Files

5ca681b865dbe654c7fa25948e0331c617f5b4b70d4a8454d517555027b4129b
.dll windows x86

b00a998395270b0fb3db3f1890166652

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegEnumValueA
RegEnumValueW
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryInfoKeyW
GetWindowsAccountDomainSid

gdi32

CreateCompatibleBitmap
CreateFontIndirectW
DeleteObject
EnumFontFamiliesExA
EnumFontFamiliesExW
ExtTextOutW
GetDIBits
GetDeviceCaps
GetGlyphOutlineA
GetStockObject
GetTextMetricsA
SelectObject
SetBkColor
SetMapMode
SetTextColor

user32

SystemParametersInfoA
ReleaseDC
HideCaret
GetWindowDC
GetDesktopWindow
GetDC
FillRect

kernel32

VirtualAlloc
QueryPerformanceCounter
Module32Next
LoadLibraryA
GetVersionExA
GetVersion
GetTickCount
DisableThreadLibraryCalls
ExitProcess
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetProcessPriorityBoost
GetSystemDirectoryA
GetSystemTimeAsFileTime

Exports

Exports

CreateFragmentLinker
CreateSyncReader
JoinLeaf
SourcePause
TessellateTriPatch

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b00a998395270b0fb3db3f1890166652

Headers

File Characteristics

Imports

advapi32

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 190KB - Virtual size: 189KB

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 190KB - Virtual size: 189KB

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 4KB - Virtual size: 3KB