bf065ea538c28198d78ab3f634bc37c076790373e4b2d63e3d05d48be7b89e48

Sharing

Copy URL Twitter E-mail

General

Target

bf065ea538c28198d78ab3f634bc37c076790373e4b2d63e3d05d48be7b89e48
Size

102KB
MD5

30d9105d8fcecd8bd8d2d4a27fb0a589
SHA1

18e5f5d0a000e993379afe97aa428ab1581625d0
SHA256

bf065ea538c28198d78ab3f634bc37c076790373e4b2d63e3d05d48be7b89e48
SHA512

d5d26b925647b174445b1f2186aae07d6f756758307a0590aacb478329a18a7f6f942dbab21dcc81c9ea79e33b96bafc8d1f55494b86a95a69d67e526c85023a
SSDEEP

3072:zPZJsYjIU9GAaHJtuRRc4B3iNkKAxzrXjD:z1IU9W3un3B3iGKMb

Score

N/A

Malware Config

Signatures

Files

bf065ea538c28198d78ab3f634bc37c076790373e4b2d63e3d05d48be7b89e48
.dll windows x86

9a4608aae9e947f51d31d0f7965f9761

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
SetEvent
ResumeThread
CreateThread
GetProcAddress
LoadLibraryA
InitializeCriticalSection
VirtualFree
lstrlenA
lstrcpyA
TerminateThread
MoveFileA
HeapFree
GetProcessHeap
GlobalUnlock
Process32Next
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
CloseHandle
FindNextFileA
CreateEventA
LocalFree

msvcrt

free
_except_handler3
strrchr
strcat
strncpy
strncat
realloc
atoi
strcmp
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__dllonexit
_onexit
_ftol
malloc
strchr
memcmp
strstr
wcstombs
strlen
ceil
memmove
_CxxThrowException
__CxxFrameHandler
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
strcpy
_strnicmp
_strcmpi

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

Exports

Exports

jishu
ruixing
xhj

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a4608aae9e947f51d31d0f7965f9761

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

avicap32

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 9KB - Virtual size: 10KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 9KB - Virtual size: 10KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB