dd7a3c4c2ff02403eb3599c90ce91161bf9d85b391a9ee2150ae07a9aa6098c5

Sharing

Copy URL Twitter E-mail

General

Target

dd7a3c4c2ff02403eb3599c90ce91161bf9d85b391a9ee2150ae07a9aa6098c5
Size

168KB
MD5

3e4ae7bed6d114e4506e82e99e6a60ba
SHA1

4af22380623f270a8b6b9fa06475f19c173389f4
SHA256

dd7a3c4c2ff02403eb3599c90ce91161bf9d85b391a9ee2150ae07a9aa6098c5
SHA512

b28baf6a6898d2eb113b75ecbbe6a21c3f171c7f6312aa60ac1af102a66dc6095a9102a97d3866d1a3ac9b18b28c04241b917b426b93c3934aefcfd315aba19a
SSDEEP

3072:HR9n7IIVPGE2wxMvSb/y1ZxV+cUCBZxln6jGiUj/r:Ln7pPGbvSjYxw3CBbln6jGiE

Score

N/A

Malware Config

Signatures

Files

dd7a3c4c2ff02403eb3599c90ce91161bf9d85b391a9ee2150ae07a9aa6098c5
.dll windows x86

1536b95425f91732396c6dea2ab05d99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
CreateThread
LeaveCriticalSection
VirtualAlloc
lstrcpyA
SetEvent
CancelIo
Sleep
lstrlenA
lstrcatA
FreeLibrary
DeleteFileA
GetLastError
RemoveDirectoryA
LocalFree
GetFileSize
ReadFile
LocalAlloc
SetFilePointer
WriteFile
MoveFileA
GetVersionExA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TerminateThread
InterlockedExchange
ExitProcess
GetTempPathA
GetTickCount
HeapAlloc
GetProcessHeap
DeviceIoControl
GetModuleFileNameA
WaitForSingleObject
RaiseException

msvcrt

ceil
_ftol
strlen
strstr
memcmp
_CxxThrowException
strchr
malloc
strcpy
strcmp
free
_except_handler3
strrchr
strcat
memmove
strncmp
strncpy
_errno
_snprintf
_mbsstr
_mbsupr
fclose
fprintf
fopen
strncat
realloc
_beginthreadex
calloc
??1type_info@@UAE@XZ
__CxxFrameHandler
memcpy
memset
atoi
??2@YAPAXI@Z
_strnset
??3@YAXPAX@Z
_strnicmp

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvfw32

ICSendMessage

Exports

Exports

Install
lch
main
xjm

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1536b95425f91732396c6dea2ab05d99

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 24KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 24KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 8KB