b85d9d941086cb99944846806bfc3ad0bb22e2be3bda2f81be46a14918ca7eab

Sharing

Copy URL Twitter E-mail

General

Target

b85d9d941086cb99944846806bfc3ad0bb22e2be3bda2f81be46a14918ca7eab
Size

418KB
MD5

8f3846427da64d023b55c3bdca18462b
SHA1

15536de48574fa941436eb78caaa742687d9d107
SHA256

b85d9d941086cb99944846806bfc3ad0bb22e2be3bda2f81be46a14918ca7eab
SHA512

c75f6a92f99af390eb7aff51d7bfec756d8c0861739063067f10656d2c93681ee40c701e4ff18e4f2e0e04ef6c845d949f23aa1e52365b6d14fc7c938fe6bc47
SSDEEP

12288:1K6SwZO01ueJwcNoeVcmupWKAJTV55Lyv+/wj:13SEO01fNoeFXVveKwj

Score

N/A

Malware Config

Signatures

Files

b85d9d941086cb99944846806bfc3ad0bb22e2be3bda2f81be46a14918ca7eab
.dll windows x86

6adcf883f23479e100562eda71ddaa2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal

dinput

DirectInputCreateA

gdi32

CreateFontIndirectA
DeleteDC
DeleteEnhMetaFile
DeleteObject
ExtTextOutA
ExtTextOutW
GetFontLanguageInfo
GetGlyphOutlineA
GetMetaRgn
CreateDIBSection
GetTextMetricsA
GetTextMetricsW
PolyDraw
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextAlign
GetObjectA
CreateCompatibleDC
CloseFigure

msvcrt

tolower
qsort
memmove
memcpy
malloc
iswspace
iswprint
iswalpha
free
floor
bsearch
_vsnprintf
_unlock
_stricmp
_j0
_ismbbpunct
_initterm
_atoi64
_amsg_exit
__dllonexit
_Strftime
_CxxThrowException
_CIsqrt
_CIsin
_CIatan
_CIasin
_CIacos

advapi32

RegQueryValueExA
RegCloseKey
CreateProcessWithLogonW
RemoveTraceCallback

kernel32

WaitForSingleObject
WideCharToMultiByte
UnhandledExceptionFilter
TryEnterCriticalSection
TerminateProcess
SizeofResource
SetThreadContext
RtlUnwind
ReleaseMutex
ReadFile
QueryPerformanceCounter
Process32Next
OutputDebugStringA
OpenThread
MultiByteToWideChar
MapUserPhysicalPagesScatter
LockResource
LocalAlloc
LoadResource
LoadLibraryA
LeaveCriticalSection
IsValidLanguageGroup
IsProcessorFeaturePresent
IsBadHugeWritePtr
InterlockedIncrement
WriteTapemark
VirtualAlloc
_llseek
WaitForMultipleObjects
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
GetACP
GetCommProperties
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetLastError
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcessAffinityMask
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadPriorityBoost
GetTickCount
GetVersion
InterlockedCompareExchange
InterlockedExchange

Exports

Exports

Compile
GetItemString
InPlaceLshift
Instance_New
Occurred
ParseFileFlags
ReadObjectFromFile
WriteString
get_user_chunk_ptr

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6adcf883f23479e100562eda71ddaa2f

Headers

File Characteristics

Imports

ole32

dinput

gdi32

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 249KB - Virtual size: 248KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 249KB - Virtual size: 248KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 4KB - Virtual size: 3KB