df3da72587932ef022fe701738aa0057a6fd8b0a4f531cb8f8a76b0764e137e0

Sharing

Copy URL Twitter E-mail

General

Target

df3da72587932ef022fe701738aa0057a6fd8b0a4f531cb8f8a76b0764e137e0
Size

35KB
MD5

11b5e098d6b9793d29bf909d4d66fb16
SHA1

4f074bc1c5a0b9190c4b9f011a40a571f1f872c1
SHA256

df3da72587932ef022fe701738aa0057a6fd8b0a4f531cb8f8a76b0764e137e0
SHA512

fb9926ba00f5151eadffe2824f4e34dd848134f961b6852c470fa1efb3f94acf8ea28ca51b7ad816fe02954557ee83654dcfffcd087979de1749e8b8f1aaabfb
SSDEEP

768:IjYT5SN1/aF7sa+jsGsI6WEh9NifES9tpRF7Q/9:IjySNg7sa+NeWm/wzRF7u9

Score

N/A

Malware Config

Signatures

Files

df3da72587932ef022fe701738aa0057a6fd8b0a4f531cb8f8a76b0764e137e0
.dll windows x86

83aede411c23ccab5358db09e4c20780

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
SetFilePointer
GetLastError
CreateEventA
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
ReadFile
SetFileAttributesA
ExitProcess
GetCommandLineA
CreateMutexA
IsBadReadPtr
GetCurrentDirectoryA
GetModuleHandleA
WaitForSingleObject
CreateThread
Sleep
GetSystemDirectoryA
MultiByteToWideChar
DeleteFileA
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
CloseHandle
LoadLibraryA
GetProcAddress
GlobalAlloc
VirtualProtect

user32

RegisterWindowMessageA
wsprintfA
ToAscii
GetKeyboardState
RegisterShellHookWindow
GetParent
GetWindowThreadProcessId
EnumWindows
GetWindowTextA
GetClassNameA
GetWindowRect
GetDC
GetDesktopWindow
MapVirtualKeyA
ReleaseDC
GetClientRect
CallWindowProcA
SetWindowLongA

gdi32

CreateDCA
GetDeviceCaps
DeleteDC
GetObjectA
GetStockObject
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDIBits
RealizePalette
SelectPalette

gdiplus

GdipSaveImageToFile
GdipLoadImageFromFile
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdiplusShutdown

msvcp60

??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

ws2_32

connect
htons
closesocket
socket
recv
gethostbyname
inet_ntoa
send
WSAStartup
inet_addr
WSACleanup

msvcrt

_access
strrchr
strcat
memset
strchr
atoi
strncpy
strcmp
free
__dllonexit
_onexit
_initterm
_adjust_fdiv
_stricmp
_strlwr
_strrev
_getpid
strtok
strstr
abs
sprintf
malloc
wcscmp
strcpy
strlen
??2@YAPAXI@Z
memcpy
__CxxFrameHandler

netapi32

Netbios

Exports

Exports

AlphaBlend
DllInitialize
DriverProc
GradientFill
KsCreateAllocator
KsCreatePin
KsCreateTopologyNode
ServerMain
TransparentBlt
modMessage
modmCallback
vSetDdrawflag

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 543KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83aede411c23ccab5358db09e4c20780

Headers

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

msvcp60

ws2_32

msvcrt

netapi32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 543KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 543KB

.reloc
Size: 4KB - Virtual size: 3KB