29646bb52d7e66d72dda4f36ae4287309ba6b8e72620e941ab9bd1a1e9b5f441

General

Target

29646bb52d7e66d72dda4f36ae4287309ba6b8e72620e941ab9bd1a1e9b5f441
Size

328KB
MD5

d2d6de5c642b9d74c8577be2b8e59c10
SHA1

16669f058bc8a828249aafc0fb2178f1eb0f4a00
SHA256

29646bb52d7e66d72dda4f36ae4287309ba6b8e72620e941ab9bd1a1e9b5f441
SHA512

880e79ea18177f690ebe3209aafd1c24d411e6f4c3bb5c6ebddec78d79d606229734ccabac242c790c923a7c6d1c0c79f928f411a0514a0a210b3e3ff103b6e1
SSDEEP

6144:BPOiaI356XV+gHmHKCf+u0DXyRR6lklsZO6KpMX12U+dfxucfSzJm:paA6XV+gHmHr+deRAEndMX12FubJ

Score

N/A

Malware Config

Signatures

Files

29646bb52d7e66d72dda4f36ae4287309ba6b8e72620e941ab9bd1a1e9b5f441
.dll windows x86

0fed3bb1e605529b81dee71684d15508

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC
GetParent
ReleaseDC
WindowFromDC
GetWindowThreadProcessId
wsprintfA
GetWindowRect

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

LeaveCriticalSection
GetProcAddress
FreeLibrary
GetDateFormatA
GetModuleFileNameA
TlsGetValue
TlsFree
GetModuleHandleA
SetThreadPriority
Sleep
GlobalAlloc
DeleteCriticalSection
IsBadReadPtr
GetVersionExA
LoadLibraryA
VirtualAlloc
CreateFileA
GetStartupInfoA
GetTickCount
GetLastError
TlsSetValue
SetLastError
GlobalFree
GlobalSize
TlsAlloc
VirtualFree
QueryPerformanceCounter
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId

msvcrt

strncmp
sqrt
bsearch
_ftol
memcpy
free
fclose
ftell
realloc
rand
fgets
strcpy
fseek
memmove
atol
_stricmp
fopen
strtok
_CIpow
fprintf
strcmp
exit
_iob
_assert
abort
atoi
memset
getenv
sscanf
strstr
fread
malloc
sprintf
fwrite

Exports

Exports

InPlaceOr
State_New
WriteString
_Fini
set_tRNS_to_alpha

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fed3bb1e605529b81dee71684d15508

Headers

File Characteristics

Imports

user32

advapi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 84KB - Virtual size: 82KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 84KB - Virtual size: 82KB

.reloc
Size: 8KB - Virtual size: 7KB