65e86ab54b878ec2419801d06cc339ed4f06b9659f1f39eba2d5ea5f7c8d45e7

Sharing

Copy URL Twitter E-mail

General

Target

65e86ab54b878ec2419801d06cc339ed4f06b9659f1f39eba2d5ea5f7c8d45e7
Size

324KB
MD5

0478ccbb01b955d8dc525658241437a0
SHA1

a365ec7cb28c816d2ae61a82b823f60c377b2b81
SHA256

65e86ab54b878ec2419801d06cc339ed4f06b9659f1f39eba2d5ea5f7c8d45e7
SHA512

4c3301667f35a6175f9e263adc121563117f13ab069929aa5b8b216cae406ef79389b82740b08849ce923069c2398eea429721d0b172045f9f73ae938e1d7ef2
SSDEEP

6144:C/7/FWQRCbNlYQbx8+XQWvQ8zXSpM5PH7DQHs1tZ1BZjYnh:C/vChyg88zCzMXZ1BZC

Score

N/A

Malware Config

Signatures

Files

65e86ab54b878ec2419801d06cc339ed4f06b9659f1f39eba2d5ea5f7c8d45e7
.dll windows x86

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

kernel32

GetLastError
GlobalAlloc
GetCurrentThreadId
DeleteCriticalSection
GetModuleFileNameA
Sleep
GlobalFree
WriteFile
GetDateFormatA
SetThreadPriority
TlsGetValue
GetStartupInfoA
LeaveCriticalSection
GetTempPathA
FreeLibrary
VirtualFree
GetProcAddress
TlsAlloc
VirtualAlloc
CreateFileA
SetLastError
GetTickCount
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
InitializeCriticalSection
GlobalSize
EnterCriticalSection
GetCurrentThread

msvcrt

memset
atol
fread
memcpy
fopen
_ftol
free
sprintf
strncmp
fprintf
ftell
rand
ungetc
sscanf
realloc
_stricmp
bsearch
fflush
_CIpow
getenv
fgets
sqrt
calloc
floor
strcpy
qsort
_assert
printf
strtok
abort
memmove
strcmp
atof
memcmp
fclose
atoi
strstr
_iob
_filbuf
fseek
malloc
exit
fscanf
fwrite

gdi32

SelectObject
CreateSolidBrush
DeleteDC
CreateFontIndirectA
BitBlt
GetObjectType
DeleteObject
GetOutlineTextMetricsA
CreateCompatibleBitmap
DescribePixelFormat
CreateDIBSection
CreateCompatibleDC
GetGlyphOutlineA
GetRasterizerCaps
GetObjectA
SetDIBColorTable
GetPixelFormat
GetCurrentObject
GetPaletteEntries
GetDeviceCaps
ExtEscape

user32

GetDesktopWindow
UnhookWindowsHookEx
GetClientRect
GetWindowThreadProcessId
FillRect
GetParent
GetDC
wsprintfA
DestroyWindow
ClientToScreen
ReleaseDC
MessageBoxA
GetWindowRect
WindowFromDC

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

GC_Del
InPlaceTrueDivide
Int_ClearFreeList
_Add
_getsig
convert_to_rfc1123

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

Imports

ddraw

kernel32

msvcrt

gdi32

user32

advapi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 92KB - Virtual size: 89KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 80KB - Virtual size: 79KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 92KB - Virtual size: 89KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 80KB - Virtual size: 79KB

.reloc
Size: 8KB - Virtual size: 7KB