34153b5b2a308c563c32c41d7c8a6e697a63dd5d52ef04d279ca0fabf815b3d7

General

Target

34153b5b2a308c563c32c41d7c8a6e697a63dd5d52ef04d279ca0fabf815b3d7
Size

584KB
MD5

9d93cdc6909d251f4aae750507248600
SHA1

cf57efcd4f1edf6a3ece1e15cbb6b622d821298b
SHA256

34153b5b2a308c563c32c41d7c8a6e697a63dd5d52ef04d279ca0fabf815b3d7
SHA512

9db73ede3925c7d9649e3c1770ab38ecef0ec1af98288b1982b47f14efcc7a13d03440ad7c150dc68ae18e6d48e48df9b914c8a923aff5598d2e5ba08a7b1b09
SSDEEP

12288:tD/+0JuJB9Iv43tail2Rkz66J6Xbx2K8iXKfUgx0hgNoG29:JDuJkv43taWz6X92fiXKfFWhgGG2

Score

N/A

Malware Config

Signatures

Files

34153b5b2a308c563c32c41d7c8a6e697a63dd5d52ef04d279ca0fabf815b3d7
.dll windows x86

41310a2f9c191a6aa03860b6a7cf1c59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
memset
_assert
atof
fclose
calloc
sprintf
strncmp
_filbuf
memcpy
fgets
fread
_iob
atol
_ftol
_stricmp
ungetc
bsearch
free
memcmp
strtok
fprintf
strcmp
memmove
sscanf
_CIpow
printf
realloc
fwrite
fopen
malloc
atoi
fseek
ftell
rand
abort
strstr
getenv
strcpy
sqrt

user32

GetDesktopWindow
WindowFromDC
wsprintfA
UnhookWindowsHookEx
GetDC
ClientToScreen
MessageBoxA
GetParent
GetWindowThreadProcessId
GetClientRect
ReleaseDC
FillRect
GetWindowRect
DestroyWindow

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

TlsAlloc
TlsFree
WriteFile
GlobalFree
CreateFileA
VirtualFree
GetVersionExA
Sleep
EnterCriticalSection
DeleteCriticalSection
GetLastError
GetProcAddress
InitializeCriticalSection
GetCurrentThread
GetModuleFileNameA
GetStartupInfoA
SetLastError
GetTickCount
GetDateFormatA
VirtualAlloc
TlsGetValue
GetModuleHandleA
SetThreadPriority
TlsSetValue
LeaveCriticalSection
GetCurrentThreadId
FreeLibrary
GlobalAlloc
GetTempPathA
GlobalSize
LoadLibraryA

Exports

Exports

GetFuncDesc
GetGlobals
WriteLongToFile
set_gray_to_rgb

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41310a2f9c191a6aa03860b6a7cf1c59

Headers

File Characteristics

Imports

msvcrt

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 186KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 204KB - Virtual size: 203KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 188KB - Virtual size: 186KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 204KB - Virtual size: 203KB

.reloc
Size: 12KB - Virtual size: 9KB