ddf71f0c70eaac0093986f9d98d87908818f054c517c279cdeee1b180038997b

Sharing

Copy URL Twitter E-mail

General

Target

ddf71f0c70eaac0093986f9d98d87908818f054c517c279cdeee1b180038997b
Size

56KB
MD5

ae185805654f362ac58c3a6d31c23f70
SHA1

c09f69a1a0e918645d4174b661d9f8b91aa8f3d5
SHA256

ddf71f0c70eaac0093986f9d98d87908818f054c517c279cdeee1b180038997b
SHA512

0ab5f20084a06e8027da1667573b7c58eed1dde2b8b29dd7420f2cc0f6122398e45c26592505755364817f769ea67475f7f740d04df4d0958a1ca6b2d0d6c6aa
SSDEEP

1536:J4OpDfD2hUFozrkfrUNebQ7lFafOlIK9e:JPL8U2zrmrUgbDOlIK9

Score

N/A

Malware Config

Signatures

Files

ddf71f0c70eaac0093986f9d98d87908818f054c517c279cdeee1b180038997b
.dll windows x86

2daaabc0a2889494229f2c8d0d2de662

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

_cexit
??_V@YAXPAX@Z
_purecall
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
free
_encoded_null
_malloc_crt
_encode_pointer
__CxxFrameHandler3
??2@YAPAXI@Z
??3@YAXPAX@Z
__FrameUnwindFilter

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

mfc80u

ord6713
ord4585
ord1590
ord4267
ord6702
ord1973
ord6709
ord2049
ord6715
ord3108
ord3393
ord1290
ord686
ord454
ord1176
ord5943
ord3163
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord3585
ord2527
ord2640
ord2534
ord2843
ord2708
ord4301
ord2829
ord2725
ord2531
ord1604
ord1603
ord1941
ord3903
ord3900
ord5940
ord5567
ord2712
ord4108
ord4111
ord6062
ord3754
ord2647
ord5798
ord4118
ord6060
ord4974
ord3982
ord2154
ord5827
ord5828
ord2137
ord1303
ord1311
ord5311
ord1718
ord3676
ord371
ord1168
ord1093
ord1079
ord5197
ord3079
ord3688
ord5210
ord5170
ord2936
ord6085
ord4175
ord1086
ord1085
ord870
ord577
ord269
ord776
ord575
ord1894

msvcm80

?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ

user32

PostMessageW
SendMessageW
GetClientRect
CopyRect
GetWindow
SetWindowPos

mscoree

_CorDllMain

Exports

Exports

MFCM80ReleaseManagedReferences

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2daaabc0a2889494229f2c8d0d2de662

Headers

File Characteristics

Imports

msvcr80

kernel32

mfc80u

msvcm80

user32

mscoree

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.data Size: 1024B - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 50KB

.data
Size: 1024B - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 2KB - Virtual size: 1KB