20565b8833b78e734e23086634682ea071c013505b82d33dc7bef897ec2b8948

General

Target

20565b8833b78e734e23086634682ea071c013505b82d33dc7bef897ec2b8948
Size

316KB
MD5

e28126c4a7d1c83dded7d9b225b3ce00
SHA1

42931ba54b2b80c58ebbd1e839a8cfe67db0742e
SHA256

20565b8833b78e734e23086634682ea071c013505b82d33dc7bef897ec2b8948
SHA512

dde195e355677a04a657624b7d23b26437122dcb59d7325167fa16c0d24d788d972b91184d82877a519e2b21f3a4df4669178909ad33ffadeb0febb985a76036
SSDEEP

6144:mmhCucwwgGbtrkidb/hkbxfzJQBhhOVFADyFuku6mn8:D3cwWtrkidb/4dzShhUFtM

Score

N/A

Malware Config

Signatures

Files

20565b8833b78e734e23086634682ea071c013505b82d33dc7bef897ec2b8948
.dll windows x86

6b5419e9a9a8d4c9aa23656ae4cbd45e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
QueryPerformanceCounter
GlobalSize
CreateFileA
GetLastError
InitializeCriticalSection
GetModuleHandleA
TlsGetValue
SetLastError
GetStartupInfoA
SetThreadPriority
GetCurrentThread
IsBadReadPtr
GetProcAddress
GetCurrentThreadId
TlsFree
GetVersionExA
LeaveCriticalSection
VirtualFree
Sleep
FlushConsoleInputBuffer
TlsAlloc
LoadLibraryA
FreeLibrary
TlsSetValue
GlobalAlloc
DeleteCriticalSection
EnterCriticalSection
GetModuleFileNameA
VirtualAlloc
GetDateFormatA
GlobalFree

user32

GetParent
GetWindowThreadProcessId
MessageBoxA
wsprintfA
ReleaseDC
WINNLSGetEnableStatus
GetDC
GetWindowRect
PrintWindow
WindowFromDC
UnhookWindowsHookEx
GetClientRect

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

msvcrt

memset
sscanf
_ftol
bsearch
fwrite
fread
exit
strtok
fgets
calloc
fopen
atoi
ftell
getenv
fseek
malloc
abort
strcmp
_stricmp
printf
sprintf
rand
strstr
memmove
fprintf
atol
fclose
memcpy
_CIpow
strncmp
_iob
strcpy
free
_assert
sqrt
realloc

Exports

Exports

LookupError
ReferenceError
SaveThread
create_write_struct
get_PLTE
write_end

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b5419e9a9a8d4c9aa23656ae4cbd45e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 80KB - Virtual size: 78KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 80KB - Virtual size: 78KB

.reloc
Size: 8KB - Virtual size: 7KB