bb9bb850c27152f33b3c683a87de3b5dde4c9c186b5440d4d2a3ab7d3e0830b8

Sharing

Copy URL Twitter E-mail

General

Target

bb9bb850c27152f33b3c683a87de3b5dde4c9c186b5440d4d2a3ab7d3e0830b8
Size

418KB
MD5

ec3ddb2ab4547d78a012c0131e25f11e
SHA1

901b659fa1b8c5d9d11f893d1c68c265aab65603
SHA256

bb9bb850c27152f33b3c683a87de3b5dde4c9c186b5440d4d2a3ab7d3e0830b8
SHA512

5e5c25dcd3eff2db2abeb10398d357ce11d1dfcab081c45c707881e10cabc969b27732bacb995f8075c77ead5c8568d4482ac85ba4b7b665a38ef6fda49d1b31
SSDEEP

6144:o/DG60tnHET7vmhqWqYmLGijD9ypcHHZkOe1lZfO/i5tDjGiIcXqGinBYz:o/DvgSLLGijDkynZkOmlZcWdiicGy

Score

N/A

Malware Config

Signatures

Files

bb9bb850c27152f33b3c683a87de3b5dde4c9c186b5440d4d2a3ab7d3e0830b8
.dll windows x86

315981afb9a27a04a382cd6188fc7ef6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtTextOutW
GdiGetBatchLimit
GetObjectA
ExtTextOutA
GetTextMetricsW
SelectObject
SetMapMode
DeleteDC
DeleteObject
CreateFontIndirectW
CreateFontIndirectA
CreateDIBSection
GetTextMetricsA
CreateCompatibleDC

dinput

DirectInputCreateA

advapi32

RegCloseKey
CryptImportKey
CloseTrace
RegEnumKeyExA

msvcrt

tolower
sqrt
qsort
malloc
iswspace
free
floor
_vsnprintf
_unlock
_lsearch
_j0
_initterm
_finite
_amsg_exit
__threadid
__p__winver
__dllonexit
__RTDynamicCast
__CxxLongjmpUnwind
_XcptFilter
_CxxThrowException
_CIsqrt
_CIacos

kernel32

_lopen
WriteTapemark
WriteConsoleOutputAttribute
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
SizeofResource
SetupComm
SetThreadContext
RtlUnwind
ResetWriteWatch
ReleaseMutex
ReadFile
ReadConsoleOutputAttribute
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
Module32NextW
LockResource
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
ExitProcess
FindResourceA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFullPathNameW
GetMailslotInfo
GetModuleHandleA
GetProcessAffinityMask
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadPriorityBoost
GetTickCount
GetVersion
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LoadLibraryA

ole32

CreateStreamOnHGlobal

Exports

Exports

Int_Fini
Print
SyntaxLocation
create_read_struct
get_header_version
reset_zstream
vLoadModuleA

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

315981afb9a27a04a382cd6188fc7ef6

Headers

File Characteristics

Imports

gdi32

dinput

advapi32

msvcrt

kernel32

ole32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 244KB - Virtual size: 244KB

.data Size: 69KB - Virtual size: 70KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 244KB - Virtual size: 244KB

.data
Size: 69KB - Virtual size: 70KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 3KB - Virtual size: 3KB