ab329ef1020c6a84254f6612ca8da7606215b2c8c66d9a2cb53a5b65be2c3621

Sharing

Copy URL Twitter E-mail

General

Target

ab329ef1020c6a84254f6612ca8da7606215b2c8c66d9a2cb53a5b65be2c3621
Size

397KB
MD5

d57ea9e5805a799b1c371c7380b34c1f
SHA1

b14a41f24a6ada759fc2dedd3fb546b214c2d797
SHA256

ab329ef1020c6a84254f6612ca8da7606215b2c8c66d9a2cb53a5b65be2c3621
SHA512

df24d75f7765968cf59d97f5343594b7d13be6fb0fd2954b87230a3195214ba78b54615882acb03eb0b97cfd6a67ceaad115a2b07659d92be0207be0234e8aff
SSDEEP

12288:cXA3lyaGAoJ7nlPtx1wqL84ReFIMm5VXoxQ:KAsJJ7TwFgVXo

Score

N/A

Malware Config

Signatures

Files

ab329ef1020c6a84254f6612ca8da7606215b2c8c66d9a2cb53a5b65be2c3621
.dll windows x86

3e40c93dfd29404289f3f26c43865027

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoInitialize
CoCreateInstance

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

dbghelp

ImageRvaToVa
SymEnumSymbols
SymEnumerateModules64
SymFindFileInPath
SymFunctionTableAccess
SymGetTypeInfo
SymCleanup

msvcrt

swprintf
strtoul
strtol
strstr
strrchr
mktime
memset
memcpy
mbtowc
malloc
log
localeconv
labs
isxdigit
isupper
isgraph
isdigit
isalpha
gmtime
free
fprintf
fopen
strcat
fclose
clock
calloc
atoi
time
_wcsicmp
_unlock
_strtime
_strnicmp
_strlwr
_stricmp
_snprintf
_read
_onexit
_lseeki64
_lock
_itoa
_ismbblead
_iob
_initterm
_heapused
_gmtime64
_get_sbh_threshold
_fileno
_atoi64
_amsg_exit
_adj_fdiv_m32i
__p__winver
__p__daylight
__mb_cur_max
_XcptFilter
_CIfmod
tolower
printf
wcsncmp
wcsrchr
wctomb
_write
wcsstr
sprintf
realloc
ferror
rand
wcschr

user32

SetWindowTextA
EnumChildWindows
EnumWindows
GetClassNameA
wsprintfW
TranslateMessage
DispatchMessageA
PeekMessageA
GetWindowThreadProcessId

advapi32

RegCloseKey
RegOpenKeyExW
RegOpenKeyExA

kernel32

VirtualFreeEx
VirtualAllocEx
VirtualAlloc
UnregisterWait
UnmapViewOfFile
UnhandledExceptionFilter
TerminateProcess
SystemTimeToFileTime
SwitchToFiber
SetUnhandledExceptionFilter
SetLastError
SetFilePointer
SearchPathA
RtlUnwind
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
MapViewOfFile
LockResource
LocalFree
LoadResource
LoadLibraryA
InterlockedCompareExchange
HeapAlloc
Heap32First
GetVersionExW
GetVersionExA
GetVersion
WriteFile
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDefaultUILanguage
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetNumberOfConsoleMouseButtons
GetNamedPipeInfo
GetModuleHandleA
GetLocalTime
GetLastError
GetFileSize
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCPInfo
FormatMessageA
FindResourceA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
ExitProcess
DeleteTimerQueue
DebugBreak
CreateFileMappingA
CreateFileA
CreateDirectoryA
CompareFileTime
lstrlenA
lstrlenW
GetTickCount
WideCharToMultiByte

Exports

Exports

CreateSyncReader
LoadMeshHierarchyFromXA
ServiceMain
SourcePlay

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e40c93dfd29404289f3f26c43865027

Headers

File Characteristics

Imports

ole32

version

dbghelp

msvcrt

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 204KB - Virtual size: 203KB

.data Size: 68KB - Virtual size: 69KB

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 204KB - Virtual size: 203KB

.data
Size: 68KB - Virtual size: 69KB

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 3KB - Virtual size: 3KB