b90972c8715cadbb5ed87362c2487e10f01851ae9038f6313aacca863fdf7565

Sharing

Copy URL Twitter E-mail

General

Target

b90972c8715cadbb5ed87362c2487e10f01851ae9038f6313aacca863fdf7565
Size

436KB
MD5

9cc2f078e0895a9f10715e9c810439d0
SHA1

78c346daad9548ffaa90a6f585c898a7dd47a3b0
SHA256

b90972c8715cadbb5ed87362c2487e10f01851ae9038f6313aacca863fdf7565
SHA512

1bae33a9aeb68f22792d08cf100cebb242c7ab4bad024a32a23a954449b037352cc02c66fd96f25d96265835c42d867af61b8d8907382a1fbfc76c9686814941
SSDEEP

6144:WwhSbCJ9aRxf/Nqm5dywCBSosjgBFAXNDAsitPCa3ezWo4j/Rpo9o2NGInorqEnW:KO2TsSqBSo5BFAXa4V2rL1kIAyM9s

Score

N/A

Malware Config

Signatures

Files

b90972c8715cadbb5ed87362c2487e10f01851ae9038f6313aacca863fdf7565
.dll windows x86

315981afb9a27a04a382cd6188fc7ef6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtTextOutW
GdiGetBatchLimit
GetObjectA
ExtTextOutA
GetTextMetricsW
SelectObject
SetMapMode
DeleteDC
DeleteObject
CreateFontIndirectW
CreateFontIndirectA
CreateDIBSection
GetTextMetricsA
CreateCompatibleDC

dinput

DirectInputCreateA

advapi32

RegCloseKey
CryptImportKey
CloseTrace
RegEnumKeyExA

msvcrt

tolower
sqrt
qsort
malloc
iswspace
free
floor
_vsnprintf
_unlock
_lsearch
_j0
_initterm
_finite
_amsg_exit
__threadid
__p__winver
__dllonexit
__RTDynamicCast
__CxxLongjmpUnwind
_XcptFilter
_CxxThrowException
_CIsqrt
_CIacos

kernel32

_lopen
WriteTapemark
WriteConsoleOutputAttribute
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
SizeofResource
SetupComm
SetThreadContext
RtlUnwind
ResetWriteWatch
ReleaseMutex
ReadFile
ReadConsoleOutputAttribute
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
Module32NextW
LockResource
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
ExitProcess
FindResourceA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFullPathNameW
GetMailslotInfo
GetModuleHandleA
GetProcessAffinityMask
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadPriorityBoost
GetTickCount
GetVersion
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LoadLibraryA

ole32

CreateStreamOnHGlobal

Exports

Exports

Addr2Line
Dir
ExceptionMatches
MemberDescr_Type
SyntaxWarning
_Readline
read_end
set_pCAL

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

315981afb9a27a04a382cd6188fc7ef6

Headers

File Characteristics

Imports

gdi32

dinput

advapi32

msvcrt

kernel32

ole32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 254KB - Virtual size: 254KB

.data Size: 69KB - Virtual size: 71KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 254KB - Virtual size: 254KB

.data
Size: 69KB - Virtual size: 71KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 4KB - Virtual size: 3KB