7f0348c7dd85c34080fefad6a69e2dd41876104ce84ed59edeee008c07bab30a

Sharing

Copy URL

Twitter E-mail

General

Target

7f0348c7dd85c34080fefad6a69e2dd41876104ce84ed59edeee008c07bab30a
Size

68KB
MD5

cee250da72bde50e870d2dcc464af995
SHA1

424c875a3c03ea29a19eec3f5c02d956ed42f457
SHA256

7f0348c7dd85c34080fefad6a69e2dd41876104ce84ed59edeee008c07bab30a
SHA512

6da0f1189cd534932e877a42a0006f6c2aa5561d6b4d67919d8626b7b535236b16e37140f0f3b369518dbe75f23b31fd6477a4b6ac8582d2763e5ebdc2617ad9
SSDEEP

768:6qInlk+WLgJKp7FTlaXkYPWyk/YmFsIVeLLznlk+Orv9eO1Bg:ZuWsJKpNAE5QmFmLLnI9eO1

Score

N/A

Malware Config

Signatures

Files

7f0348c7dd85c34080fefad6a69e2dd41876104ce84ed59edeee008c07bab30a
.dll windows x86

1b8ebc6b2c1eb3b083743723be87eb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipAlloc
GdipFree

winmm

mciSendStringA

kernel32

PeekNamedPipe
ReadFile
CreateProcessA
GetEnvironmentVariableA
CreateThread
SuspendThread
ResumeThread
ExitProcess
CreateDirectoryA
DeleteFileA
MoveFileA
CopyFileA
GetModuleFileNameA
CreateFileA
TerminateThread
WriteFile
Process32First
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32Next
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentThread
GetLastError
CloseHandle
lstrcatA
GlobalMemoryStatus
GetVersionExA
GetModuleHandleA
GetProcAddress
GetSystemInfo
lstrcpyA
GetComputerNameA
LocalAlloc
GetSystemTimeAsFileTime
GetTickCount
Sleep
GetCurrentProcess
FreeLibrary
LoadLibraryA
GetFileAttributesA
InterlockedExchange
InterlockedCompareExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
CreatePipe

user32

GetDC
wsprintfA
GetSystemMetrics
PostQuitMessage
GetWindowTextA
GetForegroundWindow
GetWindow
IsWindowVisible
ShowWindow
DispatchMessageA
TranslateMessage
ReleaseDC
CreateDialogParamA
CallNextHookEx
ToAsciiEx
ToUnicodeEx
GetKeyState
GetKeyboardState
UnhookWindowsHookEx
SetWindowsHookExA
ExitWindowsEx
DestroyWindow
SendMessageA
IsWindow
GetDesktopWindow
GetWindowDC
GetMessageA

gdi32

CreateDCA
GetDIBits
CreateCompatibleBitmap
SetPixel
GetObjectA
CreateCompatibleDC
SetDIBits
DeleteObject
RestoreDC
BitBlt
SelectObject
SaveDC
DeleteDC
CreateDIBSection
GetPixel
GetDeviceCaps

advapi32

RegCloseKey
AdjustTokenPrivileges
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
EnumServicesStatusA
QueryServiceConfigA
QueryServiceStatusEx
ControlService
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
LookupPrivilegeValueA
RegQueryValueExA
RegOpenKeyExA
OpenProcessToken

shell32

ShellExecuteA

msvcr90

srand
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
??3@YAXPAX@Z
rand
memcpy
calloc
_snprintf
ftell
fseek
fwrite
atoi
sprintf
realloc
free
_except_handler4_common
_onexit
_lock
fgets
fclose
strstr
_time64
fopen
fread
printf
memset
malloc
__dllonexit

userenv

GetUserProfileDirectoryA

ws2_32

recv
send
WSAGetLastError
gethostname
WSACleanup
inet_ntoa
gethostbyname
WSAStartup
closesocket
WSAAsyncSelect
connect
socket
htons
inet_addr
bind
WSASetLastError
accept
listen

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

Exports

Exports

?KeyEvent@@YGJHIJ@Z

Sections

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b8ebc6b2c1eb3b083743723be87eb8c

Headers

File Characteristics

Imports

gdiplus

winmm

kernel32

user32

gdi32

advapi32

shell32

msvcr90

userenv

ws2_32

avicap32

Exports

Exports

Sections

.data Size: 63KB - Virtual size: 62KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 3KB - Virtual size: 2KB

.data
Size: 63KB - Virtual size: 62KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 3KB - Virtual size: 2KB