c88f9f3442d76e5ab8ecbfacf2a8503b8715b3a56a06a3aed558cb91c0352cc8

Sharing

Copy URL Twitter E-mail

General

Target

c88f9f3442d76e5ab8ecbfacf2a8503b8715b3a56a06a3aed558cb91c0352cc8
Size

628KB
MD5

ddfcb0c6096ea2db6e55d71f406fb616
SHA1

935876ce5a995e452e4e9334add1099096571e3a
SHA256

c88f9f3442d76e5ab8ecbfacf2a8503b8715b3a56a06a3aed558cb91c0352cc8
SHA512

0f21600be2972d141a6be8fb8fd1f827b0761afedfb2491fc1f0b803048e7300deed9968576de42fbe3ef391ebfc84b756408f61d3d9d1641fa858dec95cfc28
SSDEEP

12288:9E3rPMVLqffhzDHy4+ILMmn4Kiy8cO/4OhIJgoqxyx+slevGFi6SrbuDqL6xcGYm:9E3rPMV+fpfHjlUxgSv56SXwq+xW+Jr1

Score

N/A

Malware Config

Signatures

Files

c88f9f3442d76e5ab8ecbfacf2a8503b8715b3a56a06a3aed558cb91c0352cc8
.dll windows x86

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

printf
_mbctype
_adjust_fdiv
_initterm
__dllonexit
_telli64
_lseeki64
_chsize
_fstat
_ftol
strtod
isdigit
_onexit
_errno
_vsnprintf
tolower
memmove
atof
atol
sscanf
_purecall
strtok
rand
fopen
fread
isspace
fclose
realloc
malloc
wcslen
abort
strchr
toupper
atoi
strtol
qsort
strncmp
strrchr
_stricmp
free
_strdup
strncpy
strstr
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
_unlink
_write
_read
_tell
_lseek
_sopen
_open
_creat
_close
_putenv
_strnicmp
_itoa
_stat
_strcmpi
_strlwr
_strupr

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GlobalUnlock
SetErrorMode
GetSystemInfo
GetVersionExA
GlobalAlloc
DisableThreadLibraryCalls
GetTempFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTempPathA
InterlockedDecrement
InterlockedIncrement
GetLastError
FreeLibrary
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
LoadLibraryA
GlobalFree
MulDiv
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenA
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GetVersion
CloseHandle
GetFileSize
CreateFileA

user32

GetMenu
GetWindowLongA
DrawTextA
GetIconInfo
FillRect
AdjustWindowRectEx
GetKeyState
GetWindowThreadProcessId
RedrawWindow
SetRect
CreateCursor
SystemParametersInfoA
GetSysColor
CharNextA
RegisterClassA
RegisterWindowMessageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EnableWindow
GetFocus
DestroyCursor
RegisterClassExA
GetWindowRect
GetUpdateRect
GetDC
ReleaseDC
BeginPaint
EndPaint
GetActiveWindow
SetCursor
InvalidateRect
GetDesktopWindow
GetMenuItemInfoA
GetClientRect
WindowFromPoint
PtInRect
IsChild
KillTimer
PostMessageA
IsWindow
DestroyWindow
CreateWindowExA
GetWindow
CallNextHookEx
GetCursorPos
SendMessageA
EndDeferWindowPos
WaitMessage
PostQuitMessage
SetFocus
ChildWindowFromPointEx
GetClassNameA
IsWindowEnabled
MapWindowPoints
GetTopWindow
GetMenuItemCount
SetActiveWindow
SetWindowPos
UnhookWindowsHookEx
UnregisterClassA
GetParent
SetCursorPos
GetSystemMetrics
ShowCursor
SetWindowsHookExA
SetWindowLongA
LoadIconA
LoadCursorA
SetCapture
ReleaseCapture
GetDlgItem
CallWindowProcA
DefWindowProcA
ScreenToClient
ClientToScreen
SetWindowRgn
SetTimer
EnumChildWindows

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegSetValueExA
RegEnumKeyExA

gdi32

IntersectClipRect
SetTextColor
BitBlt
SetBkMode
SetBkColor
GetTextExtentPoint32A
CreateDIBSection
SelectObject
CreateCompatibleDC
SetPixel
CreateSolidBrush
GetBitmapBits
GetObjectA
CreateDIBitmap
SetBitmapBits
PatBlt
CreateBitmap
CreateCompatibleBitmap
GetDIBits
CreateRectRgn
CombineRgn
GetClipRgn
SelectClipRgn
DeleteObject
GetPixel
CreateFontIndirectA
DeleteDC

comctl32

ord17

shell32

DragQueryPoint
DragQueryFileA
ExtractIconExA
DragFinish

oleaut32

VariantInit
SysAllocString
VariantClear

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

Imports

pncrt

ole32

kernel32

user32

advapi32

gdi32

comctl32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 344KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 24KB - Virtual size: 20KB

.text Size: 192KB - Virtual size: 192KB

.text
Size: 348KB - Virtual size: 344KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 24KB - Virtual size: 20KB

.text
Size: 192KB - Virtual size: 192KB