b0e7311046799aa1238d7a775be02f45eaa1c65a65642c3bc071d1e95f931e15

General

Target

b0e7311046799aa1238d7a775be02f45eaa1c65a65642c3bc071d1e95f931e15
Size

592KB
MD5

e93a1780aa5de3b9f57dbb67aa1f96d0
SHA1

4572fd3a587c9d2a832442a015077a93ba0bb632
SHA256

b0e7311046799aa1238d7a775be02f45eaa1c65a65642c3bc071d1e95f931e15
SHA512

23d908b1a4cd1f64aa72292d8a26561e2c1d7861b4246e389a37298807caca00f328bb43fd1129cefe8caf41a4376e8990b0a11839b336583d2a6576a2c9eadd
SSDEEP

12288:i2tEgJZ7t9xdrA9evW2b4goBNSxS98RD8rXKQ3kILLVC:nthJZxBPogoBV9GIzKQ3FLV

Score

N/A

Malware Config

Signatures

Files

b0e7311046799aa1238d7a775be02f45eaa1c65a65642c3bc071d1e95f931e15
.dll windows x86

d8e75a0a34f5173d244675d82ff76035

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
DdePostAdvise
GetDC
GetDesktopWindow
ClientToScreen
MessageBoxA
FillRect
GetParent
ReleaseDC
GetClientRect
DestroyWindow
GetWindowThreadProcessId
UnhookWindowsHookEx
WindowFromDC
wsprintfA

kernel32

WriteFile
TlsSetValue
InitializeCriticalSection
TlsGetValue
DeleteCriticalSection
GetTempPathA
LoadLibraryA
GetCurrentThread
VirtualFree
TlsFree
GetCurrentThreadId
GlobalFree
GetStartupInfoA
GetModuleFileNameA
VirtualAlloc
GetTickCount
LeaveCriticalSection
TlsAlloc
GetProcAddress
GlobalAlloc
QueryDepthSList
SetLastError
GlobalSize
Sleep
SetThreadPriority
CreateFileA
FreeLibrary
GetDateFormatA
EnterCriticalSection
Module32Next
GetModuleHandleA
GetLastError
GetVersionExA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

fgets
sprintf
memcpy
fread
fseek
fwrite
memmove
atol
rand
realloc
fclose
strcmp
_assert
exit
fprintf
sqrt
ftell
malloc
atof
strcpy
_ftol
strtok
atoi
ungetc
memset
memcmp
bsearch
_stricmp
abort
calloc
strncmp
getenv
free
_CIpow
printf
strstr
fopen
_iob
sscanf

Exports

Exports

AsEncodedObject
AsFile
CallFunctionObjArgs
File
Parse
ReferenceError
get_io_ptr
set_pHYs
start_read_image

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8e75a0a34f5173d244675d82ff76035

Headers

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 212KB - Virtual size: 210KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 212KB - Virtual size: 210KB

.reloc
Size: 8KB - Virtual size: 7KB