b6b0b08fde4b165fc5f8c1e123494af7670cfe2a7057f2167e3f86df77fbfe1c

Sharing

Copy URL

Twitter E-mail

General

Target

b6b0b08fde4b165fc5f8c1e123494af7670cfe2a7057f2167e3f86df77fbfe1c
Size

88KB
MD5

473069fc050194d8915a2c07fd83fd60
SHA1

dfd81132ff674eb3325f19cc47fb5bbf15b17a3a
SHA256

b6b0b08fde4b165fc5f8c1e123494af7670cfe2a7057f2167e3f86df77fbfe1c
SHA512

cf4b2a3f3422330196a6707eea079a372fe395eeb673cfa6dbeb175a1f3cba3b12d29c074f2ee60f168731cdf2458b444b3c1e42a09f006cacd09a6c361e25b6
SSDEEP

1536:fVrN/iP11uuGs54Uo6WCjtsLJnE9P5ju7/a9Z9:51i91pmUoRM6JaPFuDa9Z

Score

N/A

Malware Config

Signatures

Files

b6b0b08fde4b165fc5f8c1e123494af7670cfe2a7057f2167e3f86df77fbfe1c
.dll windows x86

fa64e7181c750e864dfff693d04fb7f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA

kernel32

OpenProcess
GetCurrentProcessId
WriteProcessMemory
ReadProcessMemory
VirtualQueryEx
GetModuleFileNameW
CreateFileMappingA
HeapFree
GetProcessHeap
UnmapViewOfFile
GetLocalTime
OpenFileMappingA
OutputDebugStringA
WideCharToMultiByte
HeapAlloc
GetTickCount
CopyFileA
GetPrivateProfileStringA
GetCurrentProcess
GlobalFree
GlobalUnlock
GlobalHandle
GlobalAlloc
GetSystemDirectoryA
DeleteFileA
CreateFileA
CloseHandle
WriteFile
GetModuleFileNameA
GetFileInformationByHandle
CreateThread
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualProtect
InterlockedExchange
Sleep
GetFileSize
ReadFile
GlobalLock
GetTempPathA
MapViewOfFile

user32

GetDC
ReleaseDC
SetRect
SendMessageA
GetKeyState
GetWindowRect
PostThreadMessageA
DispatchMessageA
GetForegroundWindow
CallNextHookEx
UnhookWindowsHookEx
FindWindowExW
GetWindowThreadProcessId
GetWindowLongA
FindWindowExA
GetWindowTextA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage

gdi32

GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
BitBlt
DeleteObject
GetDIBits
DeleteDC

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance

avifil32

AVIMakeCompressedStream
AVISaveOptionsFree
AVIFileRelease
AVIStreamRelease
AVIFileExit
AVIStreamWrite
AVIFileInit
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat

msvfw32

ord2

winmm

waveInAddBuffer
waveInOpen
waveInClose
waveOutOpen
waveOutWrite
waveOutClose

shlwapi

SHGetValueA
SHSetValueA

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

abs
strftime
localtime
memcmp
strcmp
vsprintf
_memicmp
wcslen
atol
strcat
strchr
_access
_stricmp
atoi
fflush
fwrite
fclose
fopen
_mkdir
fseek
strncmp
printf
free
_ftol
_CIacos
srand
_wcsnicmp
_strlwr
_CIpow
_adjust_fdiv
malloc
rand
rename
strcpy
__dllonexit
_onexit
_stat
__CxxFrameHandler
memcpy
??2@YAPAXI@Z
memset
memmove
time
sprintf
strlen
strstr
strrchr
strncpy
_initterm

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa64e7181c750e864dfff693d04fb7f2

Headers

File Characteristics

Imports

version

imm32

kernel32

user32

gdi32

shell32

ole32

avifil32

msvfw32

winmm

shlwapi

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 21KB - Virtual size: 42KB

.SHARDAT Size: 7KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 21KB - Virtual size: 42KB

.SHARDAT
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 4KB