c712a2d60f2672e8609010b784041f1804d649d6ca41de89b18e4fcdf7ea1fe7

Sharing

Copy URL Twitter E-mail

General

Target

c712a2d60f2672e8609010b784041f1804d649d6ca41de89b18e4fcdf7ea1fe7
Size

436KB
MD5

2a710277a956d04ea4bf9e868a50b487
SHA1

f82f05f3e577036afaeb7216967de46fa6d71045
SHA256

c712a2d60f2672e8609010b784041f1804d649d6ca41de89b18e4fcdf7ea1fe7
SHA512

e586b69850940171791e8a3166615e45e3bc3c69333cb5aefa7b4f668d39c7fa6cbb4e7b240b1a73da4f4f647a00e35d64c697e0ce47abb89e23226721ebac1b
SSDEEP

12288:CgNN3R00RYe7K9UzNDPH/m7MnHl9xNMeyMm:XN/SP+zNDXm7YnxNMeJ

Score

N/A

Malware Config

Signatures

Files

c712a2d60f2672e8609010b784041f1804d649d6ca41de89b18e4fcdf7ea1fe7
.dll windows x86

b83b0e92f183dd4a734293bb33eb649d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetTickCount
GetVersion
HeapLock
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
GetProcessTimes
ResetEvent
RtlUnwind
SetThreadContext
SizeofResource
TerminateProcess
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualAllocEx
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteTapemark
ClearCommError
GetProcessPriorityBoost
GetProcAddress
GetModuleHandleA
GetMailslotInfo
GetLastError
GetFullPathNameW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteTimerQueue
CreateThread
CreateMutexA
CreateFileA
CloseHandle
ReleaseMutex

ole32

CreateStreamOnHGlobal

msvcrt

floor
free
iswspace
malloc
qsort
sqrt
tolower
abort
_wfindfirsti64
_vsnprintf
_unlock
_stricmp
_mbctombb
_j0
_initterm
_finite
_atoi64
_amsg_exit
__dllonexit
__RTDynamicCast
__CxxLongjmpUnwind
_XcptFilter
_CxxThrowException
_CIsqrt
_CIcos
_CIasin
_CIacos

gdi32

GdiGetBatchLimit
GetObjectA
GetTextMetricsA
ExtTextOutW
SetBkMode
SetMapMode
SetTextAlign
DeleteDC
ExtTextOutA
CreateFontIndirectW
CreateFontIndirectA
CreateDIBSection
SelectObject
CreateCompatibleDC

dinput

DirectInputCreateA

advapi32

RegCloseKey
CreatePrivateObjectSecurity
CloseTrace
RegQueryValueExA

Exports

Exports

CallFunction
InPlaceXor
NewClassMethod
RichCompareBool
Values
_DelSlice
_SetSlice
handle_as_unknown
malloc_default

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b83b0e92f183dd4a734293bb33eb649d

Headers

File Characteristics

Imports

kernel32

ole32

msvcrt

gdi32

dinput

advapi32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 260KB - Virtual size: 260KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 260KB - Virtual size: 260KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 4KB - Virtual size: 4KB