a4a9a103156768e7c41a3d7edd307d1faf130b30c0131a44e951a0642c78dcbf

General

Target

a4a9a103156768e7c41a3d7edd307d1faf130b30c0131a44e951a0642c78dcbf
Size

592KB
MD5

f659b822da3f68264e4a4ff9d309a3a0
SHA1

78c2f64701b30ca74e1eb0a0b5bc60495dd58104
SHA256

a4a9a103156768e7c41a3d7edd307d1faf130b30c0131a44e951a0642c78dcbf
SHA512

8a1276c85d3081236c3ab1b2e34b1a05c561b38373496b5215fa6caebe055595f778dce064fdd67394cb3d0f24ef1e39e600344f71a299c1415c64f45a8824a8
SSDEEP

12288:Qoty+YOO+CJwtue/0AeCtYz7abe9A4ChNOr6q3ssmh//GYs:QotFYAWFGmi4ChNOr6q3nq/eYs

Score

N/A

Malware Config

Signatures

Files

a4a9a103156768e7c41a3d7edd307d1faf130b30c0131a44e951a0642c78dcbf
.dll windows x86

882ee1fb90487eab4925db7e81d2443c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
ReleaseDC
UnhookWindowsHookEx
GetParent
GetWindowThreadProcessId
PrintWindow
MessageBoxA
GetClientRect
GetDC

msvcrt

fprintf
strcpy
fseek
getenv
_ftol
printf
fwrite
sscanf
_CIpow
fclose
memmove
_assert
atol
realloc
strncmp
exit
malloc
_stricmp
_iob
fread
memcpy
strcmp
bsearch
ftell
free
fopen
atoi
strstr
rand
abort
memset
sprintf
strtok
fgets
calloc
sqrt

kernel32

LeaveCriticalSection
GetStartupInfoA
QueryPerformanceCounter
TlsFree
GlobalFree
VirtualFree
GetCurrentThreadId
FlushConsoleInputBuffer
SetLastError
GetCurrentThread
GetLastError
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
Sleep
LoadLibraryA
GlobalSize
SetThreadPriority
VirtualAlloc
IsBadReadPtr
GetVersionExA
GlobalAlloc
GetTickCount
TlsAlloc
TlsSetValue
CreateFileA
GetModuleHandleA
GetModuleFileNameA
GetProcAddress
GetDateFormatA
FreeLibrary

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

RestoreThread
SetItemString
SimpleParseFile
SyntaxLocation
vResolveTokenVarA

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

882ee1fb90487eab4925db7e81d2443c

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

advapi32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 204KB - Virtual size: 203KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 204KB - Virtual size: 203KB

.reloc
Size: 8KB - Virtual size: 7KB