19ee5e3ba3d237225ff72c3e84e6a1e432697a0f873567b8175458ecfabaeddd

General

Target

19ee5e3ba3d237225ff72c3e84e6a1e432697a0f873567b8175458ecfabaeddd
Size

732KB
MD5

dac43c7d204e14bdfd353b590ee17d60
SHA1

495e406bc4cc12462ee9cdd718f624aab309309c
SHA256

19ee5e3ba3d237225ff72c3e84e6a1e432697a0f873567b8175458ecfabaeddd
SHA512

163955ed55f44c56fb44ad12a08784601c9568346ad3c3f2eb0c5aaf9445f2d7a107db91d48e29b7151dd309a884cc46215faa5f3a55005a8784e725790c701e
SSDEEP

12288:bG17zdEjGIVM9Kik251TVrdjd61pU0vApZ0oes:bGF+jGIG9KTe761u

Score

N/A

Malware Config

Signatures

Files

19ee5e3ba3d237225ff72c3e84e6a1e432697a0f873567b8175458ecfabaeddd
.dll windows x86

917f490339540d334b0bbbfcab1d861e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CreateFileA
GetTickCount
GlobalFree
Sleep
TlsSetValue
SetThreadPriority
GetStartupInfoA
TlsGetValue
GetModuleHandleA
VirtualAlloc
LeaveCriticalSection
SetLastError
DeleteCriticalSection
GlobalSize
TlsAlloc
FreeLibrary
GetProcAddress
GetCurrentThreadId
TlsFree
LoadLibraryA
GetDateFormatA
GetLastError
GlobalAlloc
GetModuleFileNameA
IsBadReadPtr
QueryPerformanceCounter
VirtualFree
EnterCriticalSection
InitializeCriticalSection

user32

GetWindowRect
GetDC
wsprintfA
ReleaseDC
GetWindowThreadProcessId
GetParent
MessageBoxA

msvcrt

fgets
fread
strcpy
_iob
realloc
exit
memcpy
fseek
fwrite
strtok
fclose
abort
atol
strcmp
strstr
calloc
free
fprintf
_assert
getenv
fopen
sprintf
strncmp
_ftol
malloc
_CIpow
sscanf
memmove
_stricmp
rand
ftell
memset

Exports

Exports

FileExFlags
Keys
List_GetSlice
Long_FromUnicode
MemberDescr_Type
ParseFile
SetBufSize
_Tuple
set_crc_action

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

917f490339540d334b0bbbfcab1d861e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 256KB - Virtual size: 256KB

.rsrc Size: 212KB - Virtual size: 211KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 256KB - Virtual size: 256KB

.rsrc
Size: 212KB - Virtual size: 211KB

.reloc
Size: 8KB - Virtual size: 7KB