f958851fae0f342b4c957c43066618eb00877349920be6ae362f3cbbef230eb8

Sharing

Copy URL Twitter E-mail

General

Target

f958851fae0f342b4c957c43066618eb00877349920be6ae362f3cbbef230eb8
Size

68KB
MD5

15848baa09f995536f5a17c02c5ef546
SHA1

222b22eca36c6c48a10c7c1c0723e091ca4e3907
SHA256

f958851fae0f342b4c957c43066618eb00877349920be6ae362f3cbbef230eb8
SHA512

23232e349a078b20e394b553634464da13691a45f7b9131420452fe349ba40a904d27c24290ea3f77a7395d8089e6cbefff7bfb5c886c16241efd52804390a19
SSDEEP

1536:BHgyYqpitodH14uSz7OHlJg1J2inEroyD:BABOdH14uwCDgXnO

Score

N/A

Malware Config

Signatures

Files

f958851fae0f342b4c957c43066618eb00877349920be6ae362f3cbbef230eb8
.dll windows x86

7774b2a803a4b93522bc06761bac3993

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
CreateThread
IsBadReadPtr
GetModuleHandleA
WideCharToMultiByte
Sleep
WaitForSingleObject
GlobalFree
GlobalAlloc
InterlockedDecrement
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CLSIDFromProgID

oleaut32

SysFreeString
VariantInit
VariantCopy
VariantClear
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SysAllocString
GetErrorInfo
SysStringLen
SafeArrayUnaccessData

msvcrt

_CxxThrowException
_itoa
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
_snprintf
__CxxFrameHandler
atoi
strstr
free
wcscmp
strncpy
??1type_info@@UAE@XZ

gdiplus

GdipCloneImage
GdipGetImageEncodersSize
GdipDisposeImage
GdipFree
GdiplusStartup
GdiplusShutdown
GdipSaveImageToStream
GdipAlloc
GdipLoadImageFromStream
GdipGetImageEncoders

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7774b2a803a4b93522bc06761bac3993

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

msvcrt

gdiplus

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 2KB

.text Size: 4KB - Virtual size: 1KB

.text Size: 20KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 1KB