5be870d3a0d412e56421695cd1978fa57bb660d8e34e3cd7db85fb5aa08c9dd5

Sharing

Copy URL Twitter E-mail

General

Target

5be870d3a0d412e56421695cd1978fa57bb660d8e34e3cd7db85fb5aa08c9dd5
Size

403KB
MD5

08e54e1e37b2086078a9d2634432a150
SHA1

468c5473ec00322137bc8f96fce9444fc730cb0f
SHA256

5be870d3a0d412e56421695cd1978fa57bb660d8e34e3cd7db85fb5aa08c9dd5
SHA512

5ff97a018dca6af56ea53a8ba848797238222c2bc3334b67925c56f6dae18067e411e26dfaa76fdf4ad9e484360d5dfea35e3e16016584bb3628fb08c82bd608
SSDEEP

12288:2KaHfIMVdt8z0let1qy3suMfaQKVaYq84s:2KaQ6di0lXyc/yQKIYq

Score

N/A

Malware Config

Signatures

Files

5be870d3a0d412e56421695cd1978fa57bb660d8e34e3cd7db85fb5aa08c9dd5
.dll windows x86

7f21ad44f845fae25d0c0deed68b3f2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

tolower
strcat
qsort
putc
memset
memmove
memcpy
malloc
iswspace
iswpunct
iswdigit
iswalpha
free
asin
_wcsset
_vsnwprintf
_vsnprintf
_unlock
_stricmp
_onexit
_lock
_isnan
_initterm
_i64toa
_finite
_controlfp
_beep
_amsg_exit
__dllonexit
__CxxFrameHandler
_XcptFilter
_CxxThrowException
_CIsqrt
_CIsin
_CIcos
_CIatan2
_CIatan
_CIasin
_CIacos

kernel32

_llseek
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
WaitCommEvent
VirtualAlloc
UnhandledExceptionFilter
TransactNamedPipe
TerminateProcess
SizeofResource
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DebugBreak
DeleteAtom
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FindResourceA
FindResourceW
FlushViewOfFile
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFileSizeEx
GetFullPathNameW
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
GetVersion
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MapViewOfFileEx
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
RtlUnwind
SetFilePointerEx
GetProcessPriorityBoost

advapi32

LsaClearAuditLog
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

gdi32

SetBkColor
SelectObject
SelectClipPath
MoveToEx
GetTextMetricsW
GetTextMetricsA
GetObjectW
GetObjectA
GetGlyphOutlineA
SetBkMode
GetCharacterPlacementW
ExtTextOutW
ExtTextOutA
DeleteObject
DeleteDC
CreateFontIndirectW
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
SetMapMode
SetTextAlign
TranslateCharsetInfo
GetFontLanguageInfo

ole32

CreateStreamOnHGlobal

Exports

Exports

CreateContext
GetBufferi
IsBuffer
LoadMeshFromXInMemory
SavePRTBufferToFileW
SourcePlay
TypeCopyConstruct
mpegInOpenPrimary

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f21ad44f845fae25d0c0deed68b3f2d

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

gdi32

ole32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 205KB - Virtual size: 205KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 47KB - Virtual size: 46KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 205KB - Virtual size: 205KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 47KB - Virtual size: 46KB

.reloc
Size: 4KB - Virtual size: 4KB