de0f53ed95cc901ccd022d1dbcd91b7592d2ec70f308245c42c564bb91864082

Sharing

Copy URL Twitter E-mail

General

Target

de0f53ed95cc901ccd022d1dbcd91b7592d2ec70f308245c42c564bb91864082
Size

241KB
MD5

e3e5e6d84e5439a0e05c29ea84f69980
SHA1

ae76db8291099a302f7658af3ad7984885e78518
SHA256

de0f53ed95cc901ccd022d1dbcd91b7592d2ec70f308245c42c564bb91864082
SHA512

106cd582ddeb9ae80b2a73547b3f3af714acb8c434360bef9f35732f9d1cd363390c0457e717da74ea9f86102119377ea3ffad4a8ea7a09eb03e7e9564305fd0
SSDEEP

6144:EIZT0npO/Vur0rJd27tQi+CEjcgcS73UFO9H:1ur0rH2ai+CEBZbH

Score

N/A

Malware Config

Signatures

Files

de0f53ed95cc901ccd022d1dbcd91b7592d2ec70f308245c42c564bb91864082
.exe windows x86

4e935067cafeb541fd2ea686e87ccd22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
OpenMutexA
LockResource
GetModuleHandleA
CloseHandle
lstrcpyA
LCMapStringW
GetStringTypeW
GlobalFree
FlushFileBuffers
WriteFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
GetProcAddress
GetLastError
GlobalUnlock
lstrcatA
MulDiv
SizeofResource
HeapSize
GlobalAlloc
GetTickCount
WaitForSingleObject
GlobalLock
GetCurrentProcess
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
HeapAlloc
LoadResource
HeapReAlloc
FindResourceA
MultiByteToWideChar
ReadFile
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
CreateFileA
CreateFileW
EncodePointer
SetFilePointer
Sleep
SetHandleCount
GetStdHandle
DeleteCriticalSection
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
LoadLibraryW

user32

GetWindowThreadProcessId
SetDlgItemTextA
EndPaint
LoadIconA
BeginPaint
EnumWindows
IsDialogMessageA
GetMenu
LoadIconW
GetGUIThreadInfo
MessageBoxA
CreateWindowExA
SetClassLongA
EndDialog
GetMenuItemCount
UpdateWindow
FindWindowA

gdi32

LineTo
SetPixel
SelectObject
Ellipse
CreatePen
GetStockObject
MoveToEx

ole32

CreateStreamOnHGlobal

ws2_32

gethostname

comctl32

ord17

dinput8

DirectInput8Create

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e935067cafeb541fd2ea686e87ccd22

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

ws2_32

comctl32

dinput8

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 150KB - Virtual size: 178KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 150KB - Virtual size: 178KB

.rsrc
Size: 1KB - Virtual size: 1KB