e737ab50a5654699eb429313235a40dfb2c14881e93d404c518c20e367e3330b

General

Target

e737ab50a5654699eb429313235a40dfb2c14881e93d404c518c20e367e3330b
Size

604KB
MD5

8f80a188686d19d328bc504931a8d600
SHA1

9936ff5f812c91ef15d833689bb2f4582943d587
SHA256

e737ab50a5654699eb429313235a40dfb2c14881e93d404c518c20e367e3330b
SHA512

644a4b993253b7b91436183936ed9de0015e44c27402d578709c2d587cbb97579726f0b019a7fb1249aeeb6b1c7675ec5ead64e919a9f20c39b5d2d84293391f
SSDEEP

12288:+42+Ad/tAv/scYoJ8X0L8oG8GDswGaQiGAblqO+JRcT:a+mVA37XOn8GdhFbcO+PcT

Score

N/A

Malware Config

Signatures

Files

e737ab50a5654699eb429313235a40dfb2c14881e93d404c518c20e367e3330b
.dll windows x86

48c8fb393694bb27b5070cfb554e3ae5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
MessageBoxA
WINNLSGetEnableStatus
GetWindowRect
ReleaseDC
UnhookWindowsHookEx
wsprintfA
WindowFromDC
PrintWindow
GetDC
GetParent
GetClientRect

msvcrt

malloc
abort
bsearch
calloc
getenv
atol
memcpy
strstr
_CIpow
fprintf
atoi
sscanf
strcmp
exit
sprintf
ftell
fclose
_iob
memset
_assert
_ftol
strncmp
fread
fseek
fwrite
fgets
rand
realloc
strcpy
sqrt
_stricmp
strtok
printf
free
memmove
fopen

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

LeaveCriticalSection
GetTickCount
GetStartupInfoA
QueryPerformanceCounter
InitializeCriticalSection
GetModuleHandleA
VirtualFree
GetCurrentThread
GetModuleFileNameA
GetProcAddress
TlsGetValue
TlsSetValue
GetVersionExA
EnterCriticalSection
IsBadReadPtr
Sleep
GetDateFormatA
VirtualAlloc
FlushConsoleInputBuffer
FreeLibrary
SetLastError
GetLastError
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
GlobalFree
GlobalSize
SetThreadPriority
CreateFileA
TlsFree
GlobalAlloc
LoadLibraryA

Exports

Exports

BlockSetup
CollFunction3
GetSelf
Troxy_New
ZeroDivisiError
get_oFFs
get_signature
vExecTokenA

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48c8fb393694bb27b5070cfb554e3ae5

Headers

File Characteristics

Imports

user32

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 208KB - Virtual size: 206KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 208KB - Virtual size: 206KB

.reloc
Size: 8KB - Virtual size: 7KB