f85aa63580cebfb765feb2f11e876081a76b09a569903783dde623f6f0936152

Sharing

Copy URL Twitter E-mail

General

Target

f85aa63580cebfb765feb2f11e876081a76b09a569903783dde623f6f0936152
Size

475KB
MD5

3fab94fcf9dd162b219f99cfb3010180
SHA1

5fc9dec4f76438218d4db0e32bbb93575522cb2e
SHA256

f85aa63580cebfb765feb2f11e876081a76b09a569903783dde623f6f0936152
SHA512

a1469314ffa918cab99d4c614c85f444bcd1271f594b010a8f895ae333091759048f0e72cc7dafb610d8001c448eaa9b3d97680b339252e4673f7701d589855b
SSDEEP

12288:tUWVMIz9AFlTTqWMc/TwWfpML7oTxkQNDfkyQ8b7c5L:tUWVMWiD2Wb/TwaML7s2wjQ8c5L

Score

N/A

Malware Config

Signatures

Files

f85aa63580cebfb765feb2f11e876081a76b09a569903783dde623f6f0936152
.dll windows x86

d5c55946f93dd0c4cef225c343d5911a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
ResetEvent
RtlUnwind
TerminateProcess
TryEnterCriticalSection
ReadFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteTapemark
RaiseException
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
LoadResource
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedExchange
CreateFileA
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessAffinityMask
GetModuleHandleA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCommProperties
FreeLibrary
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
CreateThread
CreateMutexA
VirtualAlloc

gdi32

gdiPlaySpoolStream
SwapBuffers
SetTextAlign
SetMapMode
SetBkMode
SetBkColor
SetBitmapDimensionEx
SelectObject
PlayMetaFileRecord
MaskBlt
GetTextMetricsW
GetTextMetricsA
GetGlyphOutlineA
GetFontLanguageInfo
ExtTextOutW
ExtTextOutA
DeleteObject
DeleteDC
CreateFontIndirectW
CreateFontIndirectA
CreateCompatibleDC
CloseFigure
GetObjectA

advapi32

RegEnumKeyExA
RemoveTraceCallback
RegQueryValueExA
RegCloseKey

msvcrt

_CIatan
_CIcos
_CIsin
_CIsqrt
_CxxThrowException
_XcptFilter
__RTtypeid
__dllonexit
__p__winver
_amsg_exit
_atoi64
_controlfp
_finite
_initterm
_j0
_lock
_stricmp
_unlock
floor
iswalpha
iswprint
iswpunct
iswspace
malloc
memcpy
qsort
tolower
_CIasin
_CIacos

dinput

DirectInputCreateA

ole32

CreateStreamOnHGlobal

Exports

Exports

CallMethodObjArgs
GetFlags
GetFuncName
Instance_Type
Long_AsSsize_t
ReleaseLock
_Clear
_DelSlice
set_cHRM

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5c55946f93dd0c4cef225c343d5911a

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

msvcrt

dinput

ole32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 284KB - Virtual size: 284KB

.data Size: 69KB - Virtual size: 70KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 284KB - Virtual size: 284KB

.data
Size: 69KB - Virtual size: 70KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 4KB - Virtual size: 4KB