d9895cf6ab796842df638d61206495453f61b8977b73177ac3fd16aaead67b28

General

Target

d9895cf6ab796842df638d61206495453f61b8977b73177ac3fd16aaead67b28
Size

340KB
MD5

4056e3b0e1b6c1708b4add7b45d28ea0
SHA1

0963e01094844caf0cf703376f8a68841959543e
SHA256

d9895cf6ab796842df638d61206495453f61b8977b73177ac3fd16aaead67b28
SHA512

9e29abc5b50c25b57970d2fc7f36c98e91377d339f250e60ad331d61dbe3093fc11b8377d6956abc49c7d679af8921312e727e1d7df59a45a367c523cabfecc5
SSDEEP

6144:ewmYPr2XmiBrJWkg00Rd4CHLLjLyer4loRWJRisVpRCnetDH02mKiwm:eSQ0kfKGQjy/lo2c8bLLi

Score

N/A

Malware Config

Signatures

Files

d9895cf6ab796842df638d61206495453f61b8977b73177ac3fd16aaead67b28
.dll windows x86

65d1c3d7105135068385942945f57f1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
ExitProcess
FileTimeToLocalFileTime
GetCommandLineA
GetCommandLineW
GetCurrentThread
GetEnvironmentStringsA
GetModuleHandleA
GetTimeFormatA
GetVersionExA
GlobalAddAtomA
GlobalUnlock
HeapAlloc
HeapCreate
InterlockedExchange
InterlockedIncrement
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryA
PulseEvent
ReadFile
SetEnvironmentVariableA
TerminateThread
TlsFree
VirtualAlloc
WaitForMultipleObjects
lstrcpynA

advapi32

GetAccessPermissionsForObjectA
LookupSecurityDescriptorPartsW
ConvertAccessToSecurityDescriptorA

msvcrt

exit
sscanf
__set_app_type
_stricmp
__getmainargs
realloc
rand
__p__commode
printf

ole32

CoRevokeMallocSpy
CoDeactivateObject
IsEqualGUID
CoCancelCall

ddraw

DirectDrawEnumerateW
DirectDrawCreateClipper
GetDDSurfaceLocal

crypt32

CryptUnregisterDefaultOIDFunction
CryptFindLocalizedName
CertVerifyValidityNesting
CertVerifyCTLUsage

Exports

Exports

GetMaximumZoomPos

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65d1c3d7105135068385942945f57f1c

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

ole32

ddraw

crypt32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 176KB

.data Size: 152KB - Virtual size: 152KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 176KB - Virtual size: 176KB

.data
Size: 152KB - Virtual size: 152KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB