3683b4f6f6ced542df5c63cd75882a44a682b5918b9dd11091da24818ce6f1c1

Sharing

Copy URL

Twitter E-mail

General

Target

3683b4f6f6ced542df5c63cd75882a44a682b5918b9dd11091da24818ce6f1c1
Size

168KB
MD5

ce5d5132e1bcb930fba8de4a2671cf31
SHA1

8a01a2add1390d472a46c76dcce06c3e4d303957
SHA256

3683b4f6f6ced542df5c63cd75882a44a682b5918b9dd11091da24818ce6f1c1
SHA512

d4b020adaf8a034b47d0ad690aae7cb5cae3446cd7e515d1c2c35d1bfa5e4458459549300c5bb76c0a8a174c8826713437b1747bab9328bbdcf8351abd42e6a7
SSDEEP

3072:D6/DOOG64VoY0YmchxHhsiOiKiNvqAYi7A/03Rx6ZRUbivdS:WbOOG65zcHHhL1pN9Yi7N2RUbi

Score

N/A

Malware Config

Signatures

Files

3683b4f6f6ced542df5c63cd75882a44a682b5918b9dd11091da24818ce6f1c1
.dll windows x86

a64158628dc537a66c9b2932e75c8c8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetSystemInfo
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
SetErrorMode
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetCurrentThreadId
GetTickCount
InterlockedDecrement
InterlockedIncrement
GetEnvironmentVariableA
GetModuleFileNameA
LoadLibraryA

user32

SendDlgItemMessageA
EnableWindow
GetDlgItem
GetDlgItemTextA
UnhookWindowsHookEx
MessageBoxA
SetWindowsHookExA
DialogBoxParamA
CharPrevA
CharNextA
GetSystemMetrics
GetWindowRect
GetParent
GetDesktopWindow
SetFocus
CallNextHookEx
LoadImageA
IsWindow
EndDialog
MoveWindow
SystemParametersInfoA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

gdi32

DeleteObject

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr71

calloc
_putenv
_strnicmp
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
_except_handler3
__security_error_handler
_callnewh
ceil
_CIpow
tolower
??_V@YAXPAX@Z
__CxxFrameHandler
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_stricmp
strrchr
strncpy
??3@YAXPAX@Z
atof
time
atol
free
strchr
isspace
strtok
_strdup
atoi
sprintf
realloc
printf
strncmp
_purecall
malloc
_vsnprintf

Exports

Exports

RMACreateInstance
RMAShutdown
RPCreateInstance
SetDLLAccessPath

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a64158628dc537a66c9b2932e75c8c8d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 8KB - Virtual size: 6KB