781e1655db4e6208542b20e6b8fab673dc178b6ab9b43f65f61d35b904edae24

General

Target

781e1655db4e6208542b20e6b8fab673dc178b6ab9b43f65f61d35b904edae24
Size

720KB
MD5

5c944f0d89bef3340310a0289d99c720
SHA1

6efc8d0eee988d3b11d26728b5a52cb03c6f8db7
SHA256

781e1655db4e6208542b20e6b8fab673dc178b6ab9b43f65f61d35b904edae24
SHA512

4a4b260ce79e844c573ff2b401b5c83814cd6ed38ca1a1323a6f27b84dffa657cba079b47e2f5b269f94d4d5d9a2a4246a83802e14fbe0815cf4daef4f949580
SSDEEP

6144:zyecAxv+QFsqf8L8h1C4osxSPZ5kRXYm7+e3X5dU3n3x3voFxUetSQk6u7c6RMV2:ztcav+Qg8D25ClHbjtC6kc6R6mL

Score

N/A

Malware Config

Signatures

Files

781e1655db4e6208542b20e6b8fab673dc178b6ab9b43f65f61d35b904edae24
.dll windows x86

ebc5cc5743e36e72423953e8fe2e15b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
IsBadReadPtr
TlsFree
GlobalAlloc
FreeLibrary
CreateFileA
GetStartupInfoA
SetLastError
GetLastError
TlsGetValue
VirtualFree
EnterCriticalSection
SetThreadPriority
GetTickCount
LeaveCriticalSection
QueryPerformanceCounter
GetProcAddress
GetCurrentThreadId
Sleep
VirtualAlloc
GetModuleHandleA
InitializeCriticalSection
TlsSetValue
GetDateFormatA
GlobalSize
TlsAlloc
GetModuleFileNameA
DeleteCriticalSection
GlobalFree

msvcrt

strcpy
fopen
memset
fclose
calloc
memmove
memcpy
free
strncmp
atol
_assert
_stricmp
sscanf
exit
_CIpow
getenv
malloc
strstr
strtok
sprintf
_iob
rand
abort
fwrite
_ftol
fprintf
fseek
strcmp
ftell
fgets
realloc
fread

user32

MessageBoxA
GetParent
GetWindowRect
wsprintfA
GetWindowThreadProcessId
GetDC
ReleaseDC

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

BufferError
GetRestricted
WithFilename
WriteObjectString
get_filter_type

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebc5cc5743e36e72423953e8fe2e15b6

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 256KB - Virtual size: 256KB

.rsrc Size: 208KB - Virtual size: 207KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 256KB - Virtual size: 256KB

.rsrc
Size: 208KB - Virtual size: 207KB

.reloc
Size: 8KB - Virtual size: 7KB