48ae52b08999aad2a83b08e55464e69b2758210a3065622b6e382d93b65116f9

Sharing

Copy URL Twitter E-mail

General

Target

48ae52b08999aad2a83b08e55464e69b2758210a3065622b6e382d93b65116f9
Size

592KB
MD5

bbea873222be4e8c8ed76b9924b029f0
SHA1

b7c99d535d59b23646573b97443bd6b9b0fee57f
SHA256

48ae52b08999aad2a83b08e55464e69b2758210a3065622b6e382d93b65116f9
SHA512

134bbba166ad42902eb5cc99a232bdb501284f2f709634241cbea653faee5700722c154906e29ac2229a98f85f958925af1c407e976334882f30ec0d3a4d4c29
SSDEEP

12288:6Iz5gezl/ATLHzYk6vfX1eaDGGctfzUAkMFOnmT1sVdoZbkS:xKE/84DQtLjkM4nMyjE

Score

N/A

Malware Config

Signatures

Files

48ae52b08999aad2a83b08e55464e69b2758210a3065622b6e382d93b65116f9
.dll windows x86

8c114252c28ef02b499367462e6a446b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
OutputDebugStringA
GlobalSize
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
GetTickCount
SetThreadPriority
GetLastError
GetCurrentThread
GlobalAlloc
GetVersionExA
LoadLibraryA
InitializeCriticalSection
FreeLibrary
GetModuleFileNameA
LeaveCriticalSection
SetLastError
VirtualAlloc
VirtualFree
WriteFile
GetStartupInfoA
GetProcAddress
TlsFree
GetModuleHandleA
GlobalFree
CreateFileA
TlsSetValue
EnterCriticalSection
Sleep
GetDateFormatA
GetTempPathA

msvcrt

fgets
_stricmp
strncmp
memcmp
exit
strtok
memmove
fclose
realloc
strstr
strcmp
bsearch
sqrt
atol
fwrite
atoi
malloc
fprintf
memset
atof
fopen
_filbuf
getenv
fseek
fflush
calloc
qsort
_ftol
strcpy
_assert
_CIpow
rand
floor
abort
memcpy
fread
sprintf
ftell
free
printf
sscanf
_iob
fscanf
ungetc

gdi32

GetObjectA
DeleteDC
SetDIBColorTable
GetObjectType
CreateCompatibleBitmap
GetRasterizerCaps
SelectObject
GetPaletteEntries
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
CreateDIBSection
CreateCompatibleDC
GetOutlineTextMetricsA
DescribePixelFormat
BitBlt
GetGlyphOutlineA
DeleteObject
GetPixelFormat
ExtEscape
GetCurrentObject

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

user32

ReleaseDC
MessageBoxA
GetDesktopWindow
GetClientRect
GetParent
SetWindowsHookExA
WindowFromDC
GetDC
GetWindowThreadProcessId
GetWindowRect
UnhookWindowsHookEx
FillRect
ClientToScreen
wsprintfA
DestroyWindow

ddraw

DirectDrawCreate

Exports

Exports

AcquireThread
GetItem
StreamWriter
write_end
write_png

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c114252c28ef02b499367462e6a446b

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

advapi32

user32

ddraw

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 208KB - Virtual size: 204KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 208KB - Virtual size: 204KB

.reloc
Size: 8KB - Virtual size: 6KB