b16f98ea26d52438d0470440a56ed96f5eb8e0691ac79491b5bc88edff4e471a

Sharing

Copy URL Twitter E-mail

General

Target

b16f98ea26d52438d0470440a56ed96f5eb8e0691ac79491b5bc88edff4e471a
Size

205KB
MD5

74665e8308020056bf3d41ac84ebf7f5
SHA1

30461606ef6abf30021891e7f940ac6a5d0f5c17
SHA256

b16f98ea26d52438d0470440a56ed96f5eb8e0691ac79491b5bc88edff4e471a
SHA512

7b4c5b36da623019e2ea83eb00a2a06e9daec9cdcfe5f18421ed844c41eb058d0c49dff99a35a8ec3c6f6a5972c2fae8a816b5b90201f29c8e85a3e38bb4283e
SSDEEP

3072:ccTT2TXDWATjpQOjCexeOlX76X3XsT/xb4u9EZteABKGp2yJcGdCb64pFVMUot:Vn6DWejprHxeE76Xw/xb4CAJMy5Ab61

Score

N/A

Malware Config

Signatures

Files

b16f98ea26d52438d0470440a56ed96f5eb8e0691ac79491b5bc88edff4e471a
.dll windows x86

6cf8a5f2e10a86cdc7f60638de011bc9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
MoveWindow
SetTimer
CallNextHookEx
GetWindowLongA
ChildWindowFromPoint
ScrollWindow
DrawMenuBar
GetTopWindow
PeekMessageW
BeginPaint
PostMessageA
GetMenuState
ReleaseCapture
WindowFromPoint
EndPaint
SetWindowLongW
OffsetRect
SetRect
GetSystemMetrics
SetFocus
CharUpperA
CreateWindowExA
CreatePopupMenu
DrawTextA
SetWindowLongA
RemovePropA
GetActiveWindow
GetKeyboardLayoutNameA
GetDC
CharLowerBuffA
GetWindowRect
GetKeyboardState
CharToOemA
LoadStringA
CharNextW
GetMenuItemID
SetWindowPlacement
MsgWaitForMultipleObjects
GetWindowLongW
wsprintfA
IsChild
PostQuitMessage
EnumThreadWindows
GetMenu
IsWindowEnabled
SetClipboardData
SendMessageA
LoadCursorA
SetMenuItemInfoA
DefWindowProcA
InvalidateRect
GetMenuStringA
GetMessagePos
GetLastActivePopup
MessageBeep
UnregisterClassA
DestroyIcon
ShowScrollBar
EnableScrollBar
OpenIcon
TranslateMDISysAccel
FindWindowA

oleaut32

GetErrorInfo
SafeArrayGetUBound
VariantChangeType
SysAllocStringLen
RegisterTypeLib
SafeArrayCreate

kernel32

GetProcessHeap
VirtualAllocEx
GetDateFormatA
VirtualQuery
GetTickCount
ExitProcess
LocalAlloc
LoadLibraryA
lstrcpyA
GetLastError
GetCurrentProcessId
GetUserDefaultLCID
WaitForSingleObject
GetCommandLineW
GetEnvironmentStrings
GetLocalTime
RaiseException
Sleep
WriteFile
FindClose
lstrlenA
GetOEMCP
MulDiv

gdi32

GetBkColor
GetPixel
CopyEnhMetaFileA

Exports

Exports

_RMv4M@8

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 301B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cf8a5f2e10a86cdc7f60638de011bc9

Headers

File Characteristics

Imports

user32

oleaut32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 11KB - Virtual size: 142KB

.data Size: 149KB - Virtual size: 149KB

.edata Size: 512B - Virtual size: 301B

.badata Size: 2KB - Virtual size: 1KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 11KB - Virtual size: 142KB

.data
Size: 149KB - Virtual size: 149KB

.edata
Size: 512B - Virtual size: 301B

.badata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 3KB - Virtual size: 3KB