045991029a6a9f8ac9176962eb1cf434128313dce534a1b7b3530b50363aea69

General

Target

045991029a6a9f8ac9176962eb1cf434128313dce534a1b7b3530b50363aea69
Size

372KB
MD5

bc3e6abd2f88bb389c2ea8574a221350
SHA1

9fdc5639f89b85076156068b06f32ee5ce7ae406
SHA256

045991029a6a9f8ac9176962eb1cf434128313dce534a1b7b3530b50363aea69
SHA512

9c8882316c0f6f2cef8a1355c2071785f5e0a03f3bba8323e43946e3fe738438e873f1e6f4c9bbffc0874758f69a2c3e9ecc3a06aeb883d0d3833053d81e7b73
SSDEEP

6144:Ytr5/4WwwCe8NbopxTklGlc5/nCRkX479xnA/tMssA/:Yt1/4WwwOAbV7Xh

Score

N/A

Malware Config

Signatures

Files

045991029a6a9f8ac9176962eb1cf434128313dce534a1b7b3530b50363aea69
.dll windows x86

2bb16867755aba7f8916f04cc3a78d0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetLastError
GetModuleFileNameA
EnterCriticalSection
GetProcAddress
CreateFileA
IsBadReadPtr
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
InitializeCriticalSection
GlobalSize
DeleteCriticalSection
TlsAlloc
GetTickCount
TlsGetValue
SetThreadPriority
TlsSetValue
GlobalAlloc
GlobalFree
GetDateFormatA
GetCurrentThreadId
QueryPerformanceCounter
TlsFree
Sleep
FreeLibrary
LeaveCriticalSection
VirtualFree
SetLastError

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcrt

realloc
strcpy
fgets
free
abort
ftell
fwrite
fopen
rand
memcpy
calloc
_stricmp
getenv
_CIpow
sscanf
malloc
memset
strstr
strtok
_assert
fclose
sprintf
strncmp
atoi
fprintf
fread
strcmp
fseek
atol
exit
_iob
_ftol
memmove

user32

ReleaseDC
wsprintfA
GetWindowThreadProcessId
GetWindowRect
GetParent
GetDC
MessageBoxA

Exports

Exports

Number_Check
get_signature
memcpy_check
read_image
set_convert_mono

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bb16867755aba7f8916f04cc3a78d0c

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 92KB - Virtual size: 92KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 12KB - Virtual size: 11KB