ec908ca6c74557326a6f76360a7d8d9a07cfffac49a83ed281cb811b0c2c78ae

Sharing

Copy URL Twitter E-mail

General

Target

ec908ca6c74557326a6f76360a7d8d9a07cfffac49a83ed281cb811b0c2c78ae
Size

280KB
MD5

7baa0ffa498f899db9cbdd9688864850
SHA1

267492a2e3cb86ec4fe095a990deeae98a49da2e
SHA256

ec908ca6c74557326a6f76360a7d8d9a07cfffac49a83ed281cb811b0c2c78ae
SHA512

974681e7776be2203861b002a3afe103c4355569705e3c9e499f767af482a4de537fda0adf8c806715c078afb750eca6896ec759ea95ea969318d1b5b658156c
SSDEEP

6144:dkpF4Kdk08PYgwoq9NWWDUls3fqbLeh5Py:dkpFZ8gg8Z3fqbLmPy

Score

N/A

Malware Config

Signatures

Files

ec908ca6c74557326a6f76360a7d8d9a07cfffac49a83ed281cb811b0c2c78ae
.dll windows x86

58ebeb79bb416fd14909558f7a8fde58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

gdi32

CreateCompatibleDC
DeleteDC
DeleteObject
GetStockObject
SelectObject
CreateRectRgn
CreateDIBSection
GetObjectA
SetBkMode
SetDIBColorTable
SetTextColor
BitBlt
GetDIBColorTable
GetDeviceCaps
CreateFontA
GetTextMetricsA
SetTextAlign
GetTextExtentPoint32W
TextOutW
GetTextExtentPoint32A
TextOutA
CreateRectRgnIndirect
FillRgn

kernel32

GetFileAttributesA
CloseHandle
GetLastError
CreateFileA
SetFilePointer
ReadFile
WriteFile
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
GetShortPathNameA
CreateProcessA
MulDiv
MultiByteToWideChar
FindResourceA
LoadResource
SizeofResource
LockResource
GetVersionExA
GetModuleHandleA
GetProcAddress
lstrcpyA
CreateMutexA
WaitForSingleObject
ReleaseMutex
TlsAlloc
TlsFree
TlsGetValue
EnterCriticalSection
LeaveCriticalSection
TlsSetValue
GetCurrentThread
IsBadReadPtr
GetTickCount
ExitProcess
FindClose
DeleteFileA
GetCurrentProcess
DuplicateHandle
GetStdHandle
InitializeCriticalSection
DeleteCriticalSection
GlobalAlloc
GlobalFree
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineA

shell32

SHGetFolderPathA

user32

MessageBoxA
LoadCursorA
SetCursor
ShowCursor
LoadImageA
GetDC
ReleaseDC
GetWindowRect
GetClientRect
MoveWindow
ShowWindow
GetSystemMetrics
SystemParametersInfoA
EnumDisplaySettingsA

winmm

timeGetTime

Exports

Exports

?Register_WC_API@@YAPAUWC_Visual_API@@PAXJ@Z
?Unregister_WC_API@@YAXXZ

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58ebeb79bb416fd14909558f7a8fde58

Headers

File Characteristics

Imports

ddraw

gdi32

kernel32

shell32

user32

winmm

Exports

Exports

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 3KB - Virtual size: 3KB

.exc Size: 512B - Virtual size: 412B

.data Size: 16KB - Virtual size: 16KB

.CRT Size: 512B - Virtual size: 24B

.idata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 7KB

.edata Size: 56KB - Virtual size: 56KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 3KB - Virtual size: 3KB

.exc
Size: 512B - Virtual size: 412B

.data
Size: 16KB - Virtual size: 16KB

.CRT
Size: 512B - Virtual size: 24B

.idata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 7KB

.edata
Size: 56KB - Virtual size: 56KB

.reloc
Size: 7KB - Virtual size: 6KB