afe47a470fd06993afc7b6840d38788a7e185abb2b4317dca55f4d2dd1caa19a

Sharing

Copy URL Twitter E-mail

General

Target

afe47a470fd06993afc7b6840d38788a7e185abb2b4317dca55f4d2dd1caa19a
Size

418KB
MD5

f2f9e1f76f3dbc9b933a42adba60edcb
SHA1

580bc285e71ce7348ec2b8f85decf667f0d31b70
SHA256

afe47a470fd06993afc7b6840d38788a7e185abb2b4317dca55f4d2dd1caa19a
SHA512

8812f1b5ed3b3b07c7b81199b34643dd3bd76063c2678b9ca1b8703e99bf30695bd82645b78fb63fb2a673f524a49e35c2cf231b2162cd9372606b699699c6c7
SSDEEP

6144:1K/UIUYJBlUYYUQWMVZ6a/lGw+ww/jPRoQeeaQeeDQeesQeeBZQeehQeexXMOrV0:kUIUYTlUYYUROUUlGwwcXlxBe

Score

N/A

Malware Config

Signatures

Files

afe47a470fd06993afc7b6840d38788a7e185abb2b4317dca55f4d2dd1caa19a
.dll windows x86

08ebe69d53c520c2c8c110aa41e8afc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
VirtualProtect
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetProcessHeap
HeapAlloc
InterlockedCompareExchange
InterlockedExchange
VirtualAlloc
IsBadWritePtr
Beep
Sleep
GetCurrentProcess
IsProcessorFeaturePresent
GetSystemInfo
OutputDebugStringA
VirtualFree
GetProcAddress
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA

user32

GetSystemMetrics
GetDesktopWindow
DefWindowProcA
CreateWindowExA
MessageBoxA
GetAsyncKeyState
RegisterClassExA
SetRect
DestroyWindow

msvcp90

??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ

winmm

timeGetTime

d3d9

Direct3DCreate9

msvcr90

fclose
tmpfile
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
fwrite
__clean_type_info_names_internal
isspace
isdigit
_setjmp3
longjmp
modf
iswspace
iswalpha
iswdigit
iswpunct
strncpy
_ftol
_CIpow
??2@YAPAXI@Z
_time64
_localtime64
??3@YAXPAX@Z
_vsnprintf
malloc
memmove
sprintf
fseek
fread
sscanf
exit
__CxxFrameHandler
_finite
_CIacos
floor
setlocale
_strdup
free
ldexp
memset
_CIsin
_CIcos

gdi32

CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
CreateFontIndirectA
GetObjectW
GetTextMetricsA
GetGlyphOutlineA
SetTextColor
GetCharacterPlacementW
GetFontLanguageInfo
GetTextMetricsW
GetObjectA
SetBkColor
ExtTextOutW
MoveToEx
ExtTextOutA
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
CreateDIBSection
SetBkMode

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08ebe69d53c520c2c8c110aa41e8afc3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp90

winmm

d3d9

msvcr90

gdi32

advapi32

Sections

.text Size: 286KB - Virtual size: 285KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 40KB - Virtual size: 57KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 286KB - Virtual size: 285KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 40KB - Virtual size: 57KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 21KB - Virtual size: 20KB