ad617508917f22f950cb0e91fd2f4c36decefbaf9be1fe33653a4ae05660025c

General

Target

ad617508917f22f950cb0e91fd2f4c36decefbaf9be1fe33653a4ae05660025c
Size

748KB
MD5

16d5fc1561772272a56b71016bdfb570
SHA1

d542261e118df3d1685d6b144020c7d4cd4b942b
SHA256

ad617508917f22f950cb0e91fd2f4c36decefbaf9be1fe33653a4ae05660025c
SHA512

38a275c12979c4ccc661dbccc5693727f3d169386515f59625b59fb9e690adc54f77e435e0206f363d8af253c8714cabf9e045ef132299439d82cc440dd7b6ce
SSDEEP

12288:oJpO/M8sDQ00u1mjh2tAZLjdrZBlrA78VOuLBqnh5UB:oQE1k0Z1mj0YLjddBDVi5UB

Score

N/A

Malware Config

Signatures

Files

ad617508917f22f950cb0e91fd2f4c36decefbaf9be1fe33653a4ae05660025c
.dll windows x86

0e4252f9b68e7fac71c68ece8596681b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
SetThreadPriority
CreateFileA
FreeLibrary
TlsSetValue
GetCurrentThreadId
SetLastError
GlobalSize
VirtualAlloc
TlsAlloc
GlobalFree
IsBadReadPtr
VirtualFree
Sleep
InitializeCriticalSection
LoadLibraryA
GlobalAlloc
QueryPerformanceCounter
GetTickCount
GetDateFormatA
GetProcAddress
GetLastError
DeleteCriticalSection
GetStartupInfoA
TlsFree
GetModuleHandleA
LeaveCriticalSection
GetModuleFileNameA
TlsGetValue

user32

GetDC
GetWindowRect
WindowFromDC
GetWindowThreadProcessId
ReleaseDC
MessageBoxA
GetParent
wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

_CIpow
fwrite
getenv
exit
fgets
strstr
malloc
memcpy
strncmp
fseek
fprintf
strtok
sprintf
bsearch
memset
fread
_iob
_stricmp
_assert
sscanf
calloc
abort
fclose
ftell
rand
realloc
free
atoi
atol
strcmp
fopen
_ftol
strcpy
memmove

Exports

Exports

RestoreThread
SetItemString
SimpleParseFile
SyntaxLocation
vResolveTokenVarA

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e4252f9b68e7fac71c68ece8596681b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 256KB - Virtual size: 256KB

.rsrc Size: 212KB - Virtual size: 209KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 256KB - Virtual size: 256KB

.rsrc
Size: 212KB - Virtual size: 209KB

.reloc
Size: 8KB - Virtual size: 7KB