3ea0a0004daceda579d1f41f024c4de18e1c93ec93872a132b6a8d558e6d873e

General

Target

3ea0a0004daceda579d1f41f024c4de18e1c93ec93872a132b6a8d558e6d873e
Size

744KB
MD5

d610da1da0cd298868be4ab0f0059370
SHA1

0556093fd66a890b786b1753f1dd2e4698c40e4b
SHA256

3ea0a0004daceda579d1f41f024c4de18e1c93ec93872a132b6a8d558e6d873e
SHA512

8b75328ea6d168dafd95a9701183bf3693309ed38e3fe778b10256f39a71452e93ec90809921dffbc3aec3c79ec189565611ceee8f29bd881b509d0b42e945f7
SSDEEP

12288:I8NSBHtr49jKGQYAgPIZJV9KssRndjbK+:I8NSB2FyYAgwvT0Hp

Score

N/A

Malware Config

Signatures

Files

3ea0a0004daceda579d1f41f024c4de18e1c93ec93872a132b6a8d558e6d873e
.dll windows x86

6bf2672290cf3dc82f21d2f2269ac278

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
ReleaseDC
GetParent
GetWindowRect
wsprintfA
GetDC

kernel32

DeleteCriticalSection
TlsSetValue
TlsFree
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
TlsGetValue
GetTickCount
CreateFileA
InitializeCriticalSection
IsBadReadPtr
GetProcAddress
SetThreadPriority
Sleep
GlobalFree
GetModuleHandleA
TlsAlloc
GetDateFormatA
LoadLibraryA
VirtualAlloc
VirtualFree
FreeLibrary
GetModuleFileNameA
GlobalSize
SetLastError
GetStartupInfoA
GlobalAlloc
GetCurrentThreadId
GetLastError

msvcrt

free
realloc
fgets
fopen
_CIpow
sprintf
_ftol
fread
strtok
atol
memcpy
strstr
abort
exit
malloc
ftell
_stricmp
fclose
fseek
fwrite
strcpy
getenv
strcmp
rand
strncmp
memmove
sscanf
memset
_iob
_assert
fprintf

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

CollObjectMethod
GetFrame
WriteObjectToFile
free_default
get_bit_depth

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bf2672290cf3dc82f21d2f2269ac278

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

advapi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 256KB - Virtual size: 256KB

.rsrc Size: 212KB - Virtual size: 211KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 256KB - Virtual size: 256KB

.rsrc
Size: 212KB - Virtual size: 211KB

.reloc
Size: 8KB - Virtual size: 6KB