ec2e64f1c77e476c600ad2c0c5fa08a626f9d2301c9cf15126b275e8db37afc5

General

Target

ec2e64f1c77e476c600ad2c0c5fa08a626f9d2301c9cf15126b275e8db37afc5
Size

348KB
MD5

7d849bc76c007a59786aa7d76a498a50
SHA1

33276903ed2ce0e1fc6e6315aa70825c4fc482bb
SHA256

ec2e64f1c77e476c600ad2c0c5fa08a626f9d2301c9cf15126b275e8db37afc5
SHA512

b4d9e45ec9264f233b65e2d2a9a338b263edcafdf450a2f8bc45050a8e20a955c4a8bb1398ffd9676ce939c2931587a62f16427823200d6e401eb4da42ac5511
SSDEEP

6144:cTdBHHhBfPelKKQA7/uTWd7nEAl/l6hee/pwxbDUN8ZAO16/:odBHBBPeTL5aYeobDD/g/

Score

N/A

Malware Config

Signatures

Files

ec2e64f1c77e476c600ad2c0c5fa08a626f9d2301c9cf15126b275e8db37afc5
.dll windows x86

064680cea4ea0a0044833894f07e1cd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
DestroyWindow
ClientToScreen
FillRect
GetParent
WindowFromDC
GetClientRect
GetDesktopWindow
GetWindowThreadProcessId
MessageBoxA
UnhookWindowsHookEx
wsprintfA
GetWindowRect
GetDC

msvcrt

fgets
rand
malloc
_filbuf
_assert
strcpy
memcpy
_ftol
_iob
abort
_CIpow
fprintf
ftell
sscanf
fseek
memmove
atoi
strncmp
free
fclose
fread
exit
fopen
fwrite
_stricmp
ungetc
strstr
bsearch
strcmp
sqrt
realloc
atol
memcmp
sprintf
atof
getenv
calloc
printf
memset
strtok

kernel32

GlobalSize
GetVersionExA
GetTickCount
GlobalAlloc
LoadLibraryA
Sleep
DeleteCriticalSection
GetStartupInfoA
GetModuleHandleA
GetTempPathA
SetThreadPriority
FreeLibrary
GlobalFree
VirtualAlloc
TlsFree
GetCurrentThreadId
EnterCriticalSection
GetProcAddress
GetLastError
SetLastError
GetCurrentThread
CreateFileA
GetModuleFileNameA
InitializeCriticalSection
TlsGetValue
WriteFile
LeaveCriticalSection
GetDateFormatA
TlsSetValue
VirtualFree
TlsAlloc

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

GetFuncDesc
GetGlobals
WriteLongToFile
set_gray_to_rgb

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

064680cea4ea0a0044833894f07e1cd1

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

advapi32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 76KB - Virtual size: 74KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 76KB - Virtual size: 74KB

.reloc
Size: 8KB - Virtual size: 7KB