9604a7c4958186224db6fcaee763bb0e38614ead325c932018b43ab2ef208368

Sharing

Copy URL Twitter E-mail

General

Target

9604a7c4958186224db6fcaee763bb0e38614ead325c932018b43ab2ef208368
Size

47KB
MD5

3358fa09f9d87977ae63cf60ee767bc5
SHA1

dd9d1c21f724c5479592daecb6dcdad60d021ee7
SHA256

9604a7c4958186224db6fcaee763bb0e38614ead325c932018b43ab2ef208368
SHA512

8b79fad223f445d21d90a140f8cdf8983939d3d3d7494174063b3bf2f5b56e2ba6e9346c98880f5f7a1a5248b65c178a4dd9f3684c2108803ddbea1ff5f25184
SSDEEP

768:5H62dy7TrmhA4C7lZ6cQ88nSjSGwNXW+saaZC0RL8j2enlnZqb9+hzuH6O2ge+d:I0kOAzvLpAXOpI0RL4W98z1Ojee

Score

N/A

Malware Config

Signatures

Files

9604a7c4958186224db6fcaee763bb0e38614ead325c932018b43ab2ef208368
.exe windows x86

6f6245f551a5e543cd342cd5ab8bd5ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassW
PostQuitMessage
DefWindowProcW

kernel32

GetSystemTimeAsFileTime
SetCommBreak
SetUserGeoID
GetDriveTypeA
GetEnvironmentStringsW
TransmitCommChar
SetFileApisToANSI
Process32Next
OutputDebugStringA
SetConsoleCursorPosition
GetNumaNodeProcessorMask
VirtualAlloc
PrepareTape
ExpandEnvironmentStringsW
SetLastError
IsDebuggerPresent
SetProcessWorkingSetSize
SetThreadLocale
GetDefaultCommConfigW
InitializeCriticalSection
IsValidLocale
ExitProcess
LoadLibraryA
CreateMailslotA
SetLocalTime
FindClose
GetNumaHighestNodeNumber

msls31

LsGetTatenakayokoLsimethods
LsFetchAppendToCurrentSubline
LsGetReverseLsimethods
LsSetBreakSubline
LsQueryLinePointPcp
LsdnResetObjDim
LsResetRMInCurrentSubline
LsLwMultDivR
LsdnGetFormatDepth
LsSetExpansion
LsCreateSubline
LsdnFinishRegularAddAdvancePen
LsdnSetRigidDup
LsdnSkipCurTab
LsMatchPresSubline
LsDisplayLine

msvcrt

_wremove
ungetc
__CxxCallUnwindDtor
fputc
memcpy
_mbsstr
_spawnve
_ismbbpunct
_heapused
_wcsrev
_EH_prolog
_wenviron
_cputws
ceil
__crtGetStringTypeW
_mbsicoll
memcmp
setbuf
acos
_fpreset
ispunct
_hypot
_endthreadex
_mbsnicoll
_CIcos

msvcirt

?sputn@streambuf@@QAEHPBDH@Z
??4streambuf@@QAEAAV0@ABV0@@Z
?pbase@streambuf@@IBEPADXZ
?is_open@fstream@@QBEHXZ
??_8stdiostream@@7Bistream@@@
??0Iostream_init@@QAE@XZ
?fd@filebuf@@QBEHXZ
??_Estrstreambuf@@UAEPAXI@Z
??0iostream@@QAE@PAVstreambuf@@@Z
?get@istream@@IAEAAV1@PADHH@Z
??5istream@@QAEAAV0@AAF@Z
??5istream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
?sh_none@filebuf@@2HB
??_8strstream@@7Bistream@@@
??_8stdiostream@@7Bostream@@@
??5istream@@QAEAAV0@AAN@Z
??_Eistream_withassign@@UAEPAXI@Z
?out_waiting@streambuf@@QBEHXZ
??0istrstream@@QAE@ABV0@@Z
?endl@@YAAAVostream@@AAV1@@Z
??_Gistream_withassign@@UAEPAXI@Z
??6ostream@@QAEAAV0@D@Z

d3dim

Direct3D_HALCleanUp
Direct3DGetSWRastZPixFmts
D3DRealloc
Direct3DCreate
FlushD3DDevices
FlushD3DDevices2
D3DFree
D3DMalloc
Direct3DCreateDevice
SurfaceFlipNotify
Direct3DCreateTexture
PaletteAssociateNotify
PaletteUpdateNotify

wshext

PutSignedDataMsg
IsFileSupportedName
RemoveSignedDataMsg
GetSignedDataMsg
VerifyIndirectData
CreateIndirectData

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f6245f551a5e543cd342cd5ab8bd5ec

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msls31

msvcrt

msvcirt

d3dim

wshext

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB