b55b4b1b18b382d490889b8d40861f44d18f4a8d14b0303da0cb7c6426896609

General

Target

b55b4b1b18b382d490889b8d40861f44d18f4a8d14b0303da0cb7c6426896609
Size

600KB
MD5

1a331679a7458ed65bdabb59658e07f0
SHA1

41e977e382a8d2f4361eaacea4000097b5fdb141
SHA256

b55b4b1b18b382d490889b8d40861f44d18f4a8d14b0303da0cb7c6426896609
SHA512

ec0838c198d4addd6e5a6f6825fc7144df5ba977820fb2e93f0cc91c2ee29a49ac1aa609cbdadd09f5ff7066d552b6a9787716faeec3238fd92d43a09929316d
SSDEEP

12288:mcqWQLv/GuPoRbxXnl1y87F5dEzA2UX3hnXF8gwRC:mGsv/GhfFVyoXFRwR

Score

N/A

Malware Config

Signatures

Files

b55b4b1b18b382d490889b8d40861f44d18f4a8d14b0303da0cb7c6426896609
.dll windows x86

a159121022dceb8854af17f87a5a16a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
DeleteCriticalSection
GetVersionExA
GetModuleHandleA
GetLastError
VirtualFree
GetDateFormatA
TlsSetValue
GetModuleFileNameA
GetStartupInfoA
LoadLibraryA
TlsGetValue
LeaveCriticalSection
FreeLibrary
CreateFileA
GetCurrentThreadId
GlobalFree
GlobalSize
Sleep
EnterCriticalSection
GetTickCount
IsBadReadPtr
GlobalAlloc
InitializeCriticalSection
GetProcAddress
TlsAlloc
SetLastError
QueryPerformanceCounter
VirtualAlloc
TlsFree

msvcrt

getenv
sprintf
bsearch
strstr
realloc
free
malloc
strcmp
_assert
strcpy
fgets
_CIpow
strncmp
fseek
fprintf
exit
memmove
fread
_ftol
memcpy
fopen
ftell
calloc
atoi
fwrite
_stricmp
_iob
strtok
memset
rand
atol
sscanf
fclose
abort

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

user32

wsprintfA
GetParent
MessageBoxA
GetWindowRect
GetWindowThreadProcessId
WindowFromDC
ReleaseDC
GetDC

Exports

Exports

Clear
HasKeyString
MemberDescr_Type
Node_Free
Print
RuntimeError
StringAFini
set_error_fn
set_gAMA

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a159121022dceb8854af17f87a5a16a0

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 200KB - Virtual size: 199KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 200KB - Virtual size: 199KB

.reloc
Size: 12KB - Virtual size: 11KB