590862b19aa6cff401c8ff9ac011d143c8e5083af59b5cc02232c6e3adeb891b

Sharing

Copy URL Twitter E-mail

General

Target

590862b19aa6cff401c8ff9ac011d143c8e5083af59b5cc02232c6e3adeb891b
Size

304KB
MD5

bd65123276a135a090f2c449741f7610
SHA1

599d2bffa0f7347094db3472fb870284af66690b
SHA256

590862b19aa6cff401c8ff9ac011d143c8e5083af59b5cc02232c6e3adeb891b
SHA512

da33126c22488269379fda0c93b4b3b136cebff2ec37d7fdb3ffa1ee200462ccd84b47239078c517a7675d6e1a4b2c1711e7599c71b71e26a2de35f64de6ba44
SSDEEP

6144:8h0b9/VSG/9PCMWjn7c2faywSgceN+Nv0R8pHun/jgoBmFK:8q99D/96Fn7tOgvZtpHnFK

Score

N/A

Malware Config

Signatures

Files

590862b19aa6cff401c8ff9ac011d143c8e5083af59b5cc02232c6e3adeb891b
.dll windows x86

262b723a98f1df7332cd11cc1c89bc4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetOutlineTextMetricsA
GetRasterizerCaps
CreateSolidBrush
GetObjectType
SelectObject
DescribePixelFormat
GetPixelFormat
ExtEscape
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
GetPaletteEntries
SetDIBColorTable
GetDeviceCaps
DeleteDC
DeleteObject
GetCurrentObject
CreateFontIndirectA
BitBlt
CreateDIBSection
GetGlyphOutlineA

ddraw

DirectDrawCreate

kernel32

FreeLibrary
InitializeCriticalSection
GlobalAlloc
EnterCriticalSection
GetModuleFileNameA
VirtualAlloc
GetCurrentThread
LeaveCriticalSection
GlobalFree
TlsFree
GetStartupInfoA
GetLastError
GetCurrentThreadId
GetModuleHandleA
Sleep
SetLastError
GetProcAddress
CreateFileA
LoadLibraryA
GetVersionExA
GlobalSize
TlsAlloc
WriteFile
TlsSetValue
GetTickCount
VirtualFree
SetThreadPriority
TlsGetValue
DeleteCriticalSection
GetTempPathA
GetDateFormatA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

user32

WindowFromDC
GetDC
GetWindowThreadProcessId
GetClientRect
ReleaseDC
MessageBoxA
GetParent
GetDesktopWindow
wsprintfA
UnhookWindowsHookEx
DestroyWindow
ClientToScreen
GetWindowRect
FillRect

msvcrt

rand
fgets
floor
printf
bsearch
fclose
exit
fopen
realloc
fseek
sprintf
memset
atol
fprintf
malloc
strcmp
_CIpow
_stricmp
fscanf
atof
ungetc
_iob
memcmp
memcpy
_filbuf
free
getenv
strncmp
strstr
_ftol
fread
fflush
qsort
memmove
fwrite
_assert
sscanf
calloc
atoi
abort
strtok
strcpy
ftell
sqrt

Exports

Exports

FromObjectMem
GetModuleDict
Member3_Set
Method_Self
PrintEx
get_sBIT
method
set_palette_to_rgb
strategy

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

262b723a98f1df7332cd11cc1c89bc4c

Headers

File Characteristics

Imports

gdi32

ddraw

kernel32

advapi32

user32

msvcrt

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 76KB - Virtual size: 74KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 76KB - Virtual size: 74KB

.reloc
Size: 8KB - Virtual size: 7KB