2a76502fd9974ab810145039242511a0c89c9290811dbf84c361c0580c704e54

Sharing

Copy URL Twitter E-mail

General

Target

2a76502fd9974ab810145039242511a0c89c9290811dbf84c361c0580c704e54
Size

576KB
MD5

a06ffb1f1a30a40a52b20952cc8dc470
SHA1

5d0ecd9623dccb974be7964013a0f9fe90f90c01
SHA256

2a76502fd9974ab810145039242511a0c89c9290811dbf84c361c0580c704e54
SHA512

e147b816e098851a35679bd2c56ed64cf91cb63e39c8651499aada8bddb638d3220e3ba2ad047273baa785fddb9c3f5ebab308ebe5056cf36ca87d455542cd36
SSDEEP

6144:awoQUtp002YsqnzYRPSyaNkKF1mXDjX17E5Q0E3PwEWaRnCYmXhWreiXR8eZPssp:acUj4oz9/L1mTjqUbvSQrHuWsscUdb

Score

N/A

Malware Config

Signatures

Files

2a76502fd9974ab810145039242511a0c89c9290811dbf84c361c0580c704e54
.dll windows x86

52a3c5f076f76574b18115fb751cc81f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

msvcrt

atoi
_iob
bsearch
strstr
realloc
getenv
strcmp
memcmp
fflush
strtok
strncmp
memcpy
malloc
_CIpow
sscanf
fread
atof
ftell
free
fwrite
fscanf
sprintf
fprintf
ungetc
strcpy
floor
calloc
atol
_assert
fopen
memset
fgets
exit
_filbuf
_stricmp
_ftol
fseek
abort
qsort
memmove
fclose
printf
sqrt
rand

gdi32

GetDeviceCaps
GetDIBits
CreateDIBSection
GetPixelFormat
GetObjectType
CreateCompatibleDC
SetDIBColorTable
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
ExtEscape
GetPaletteEntries
DescribePixelFormat
GetRasterizerCaps
CreateSolidBrush
GetObjectA
GetOutlineTextMetricsA
GetGlyphOutlineA
BitBlt

user32

DestroyWindow
FillRect
GetWindowThreadProcessId
GetWindowLongA
ReleaseDC
GetDesktopWindow
GetWindowRect
GetClientRect
GetParent
WindowFromDC
GetDC
MessageBoxA
GetActiveWindow
ClientToScreen
SetWindowsHookExA
UnhookWindowsHookEx

kernel32

GetThreadSelectorEntry
GetVersionExA
WriteFile
VirtualFree
GlobalFree
SetLastError
EnterCriticalSection
GetCurrentThreadId
GetStartupInfoA
VirtualAlloc
GlobalSize
TlsSetValue
GetCurrentThread
GetDateFormatA
SetThreadPriority
TlsGetValue
GetLastError
FreeLibrary
GetModuleFileNameA
TlsFree
OutputDebugStringA
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
GetTempPathA
GetTickCount
GlobalAlloc
TlsAlloc
LeaveCriticalSection
Sleep
CreateFileA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

AsEncodedObject
ClearFreeList
Decoder
GetImporter
GivenExceptionMatches
SetItem
_rowbytes_threshold

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52a3c5f076f76574b18115fb751cc81f

Headers

File Characteristics

Imports

ddraw

msvcrt

gdi32

user32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 212KB - Virtual size: 211KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 212KB - Virtual size: 211KB

.reloc
Size: 8KB - Virtual size: 7KB