690f0e5e65cecc3308e1883aa89949753421bb5493fd7972dc859a0584ae1da0

Sharing

Copy URL

Twitter E-mail

General

Target

690f0e5e65cecc3308e1883aa89949753421bb5493fd7972dc859a0584ae1da0
Size

496KB
MD5

581789002de60d89001a720a72d2e150
SHA1

800913c226cabd0fb864f41967c0e635ec0f8409
SHA256

690f0e5e65cecc3308e1883aa89949753421bb5493fd7972dc859a0584ae1da0
SHA512

fe7ebe9bce94fd1192a9daa81e41960d0099666c9d694ce3b6bc08bdb11e54e2936d89cf555173f6f2745eb4e0b3da747f22b2b0b785b6349118764acb6de892
SSDEEP

12288:8E3rPMVLqffhzDHy4+ILMmn4Kiy8cO/4OhIJgoqxyx+slevGFi6SrbuDqL6xcGYe:8E3rPMV+fpfHjlUxgSv56SXwq+xWrsa

Score

N/A

Malware Config

Signatures

Files

690f0e5e65cecc3308e1883aa89949753421bb5493fd7972dc859a0584ae1da0
.dll windows x86

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

printf
_mbctype
_adjust_fdiv
_initterm
__dllonexit
_telli64
_lseeki64
_chsize
_fstat
_ftol
strtod
isdigit
_onexit
_errno
_vsnprintf
tolower
memmove
atof
atol
sscanf
_purecall
strtok
rand
fopen
fread
isspace
fclose
realloc
malloc
wcslen
abort
strchr
toupper
atoi
strtol
qsort
strncmp
strrchr
_stricmp
free
_strdup
strncpy
strstr
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
_unlink
_write
_read
_tell
_lseek
_sopen
_open
_creat
_close
_putenv
_strnicmp
_itoa
_stat
_strcmpi
_strlwr
_strupr

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GlobalUnlock
SetErrorMode
GetSystemInfo
GetVersionExA
GlobalAlloc
DisableThreadLibraryCalls
GetTempFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTempPathA
InterlockedDecrement
InterlockedIncrement
GetLastError
FreeLibrary
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
LoadLibraryA
GlobalFree
MulDiv
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenA
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GetVersion
CloseHandle
GetFileSize
CreateFileA

user32

GetMenu
GetWindowLongA
DrawTextA
GetIconInfo
FillRect
AdjustWindowRectEx
GetKeyState
GetWindowThreadProcessId
RedrawWindow
SetRect
CreateCursor
SystemParametersInfoA
GetSysColor
CharNextA
RegisterClassA
RegisterWindowMessageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EnableWindow
GetFocus
DestroyCursor
RegisterClassExA
GetWindowRect
GetUpdateRect
GetDC
ReleaseDC
BeginPaint
EndPaint
GetActiveWindow
SetCursor
InvalidateRect
GetDesktopWindow
GetMenuItemInfoA
GetClientRect
WindowFromPoint
PtInRect
IsChild
KillTimer
PostMessageA
IsWindow
DestroyWindow
CreateWindowExA
GetWindow
CallNextHookEx
GetCursorPos
SendMessageA
EndDeferWindowPos
WaitMessage
PostQuitMessage
SetFocus
ChildWindowFromPointEx
GetClassNameA
IsWindowEnabled
MapWindowPoints
GetTopWindow
GetMenuItemCount
SetActiveWindow
SetWindowPos
UnhookWindowsHookEx
UnregisterClassA
GetParent
SetCursorPos
GetSystemMetrics
ShowCursor
SetWindowsHookExA
SetWindowLongA
LoadIconA
LoadCursorA
SetCapture
ReleaseCapture
GetDlgItem
CallWindowProcA
DefWindowProcA
ScreenToClient
ClientToScreen
SetWindowRgn
SetTimer
EnumChildWindows

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegSetValueExA
RegEnumKeyExA

gdi32

IntersectClipRect
SetTextColor
BitBlt
SetBkMode
SetBkColor
GetTextExtentPoint32A
CreateDIBSection
SelectObject
CreateCompatibleDC
SetPixel
CreateSolidBrush
GetBitmapBits
GetObjectA
CreateDIBitmap
SetBitmapBits
PatBlt
CreateBitmap
CreateCompatibleBitmap
GetDIBits
CreateRectRgn
CombineRgn
GetClipRgn
SelectClipRgn
DeleteObject
GetPixel
CreateFontIndirectA
DeleteDC

comctl32

ord17

shell32

DragQueryPoint
DragQueryFileA
ExtractIconExA
DragFinish

oleaut32

VariantInit
SysAllocString
VariantClear

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

Imports

pncrt

ole32

kernel32

user32

advapi32

gdi32

comctl32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 344KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 24KB - Virtual size: 20KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 348KB - Virtual size: 344KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 24KB - Virtual size: 20KB

.rmnet
Size: 60KB - Virtual size: 60KB