c35176c83863749b55bd976aa2401a06913f12bcc9ad0b8766c9a8a69fcc8d86

General

Target

c35176c83863749b55bd976aa2401a06913f12bcc9ad0b8766c9a8a69fcc8d86
Size

604KB
MD5

3b38fc1d9455415aa23b62906c385f10
SHA1

6b5fe4dc8f8d822fc626c413db4de0fce241ad74
SHA256

c35176c83863749b55bd976aa2401a06913f12bcc9ad0b8766c9a8a69fcc8d86
SHA512

bcf6b4b0eab0925ea8d52abced5abb9c11c692620dc6c3799d6906fc75ce50b24cd90e62383f271a9bdf402ca622a8821bafc0043cddfbe13e6779091d08f117
SSDEEP

12288:Sly3VCEWG+xyz0G8P5HoTyL9DGf/RzsyjS2hoQAGoyFuOUTr:S6VCEWG+gZ29pm/RzfjhGQAQuOUT

Score

N/A

Malware Config

Signatures

Files

c35176c83863749b55bd976aa2401a06913f12bcc9ad0b8766c9a8a69fcc8d86
.dll windows x86

c1e79fa5bd42ab04c82a77a6332b9015

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnhookWindowsHookEx
GetWindowThreadProcessId
WindowFromDC
GetWindowRect
WINNLSGetEnableStatus
GetClientRect
GetParent
wsprintfA
PrintWindow
GetDC
MessageBoxA
ReleaseDC

msvcrt

_stricmp
printf
fread
_iob
memset
rand
fopen
_ftol
strtok
_CIpow
fprintf
getenv
memmove
strcmp
fgets
abort
strstr
sprintf
bsearch
memcpy
fwrite
_assert
exit
ftell
malloc
sqrt
strcpy
atoi
fseek
strncmp
fclose
calloc
free
atol
sscanf
realloc

kernel32

TlsGetValue
GlobalSize
GetStartupInfoA
GetVersionExA
FlushConsoleInputBuffer
LoadLibraryA
GetProcAddress
TlsSetValue
InitializeCriticalSection
VirtualAlloc
EnterCriticalSection
GlobalFree
GlobalAlloc
Sleep
VirtualFree
DeleteCriticalSection
GetCurrentThread
CreateFileA
GetModuleHandleA
GetDateFormatA
SetThreadPriority
LeaveCriticalSection
GetCurrentThreadId
IsBadReadPtr
GetTickCount
TlsAlloc
SetLastError
FreeLibrary
GetLastError
QueryPerformanceCounter
GetModuleFileNameA
TlsFree

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Exports

Exports

_setsig
convert_to_rfc1123
set_read_fn
write_init_3

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1e79fa5bd42ab04c82a77a6332b9015

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

advapi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 208KB - Virtual size: 206KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 208KB - Virtual size: 206KB

.reloc
Size: 12KB - Virtual size: 9KB