ce76509b65fb172b967abd8215577759bce4cc2a20598f643519755d0cf31cef

Sharing

Copy URL Twitter E-mail

General

Target

ce76509b65fb172b967abd8215577759bce4cc2a20598f643519755d0cf31cef
Size

144KB
MD5

f8cce8e615b79200a88d6bbd24708680
SHA1

fd07dd3ed4e699b700a5c5997d72d3af6b92f072
SHA256

ce76509b65fb172b967abd8215577759bce4cc2a20598f643519755d0cf31cef
SHA512

26e49a40664cbee9a4a022ea2acd17a793781e3b7aa99ba2a2b1f55625d9b422cd254e62e3b69a4eb244b5b6aa3a346b323baeb47359deb8f90884fdb684522a
SSDEEP

3072:NxdR2emF0TUa9FumzCpbU2ef9cMjrR8o3Yq+0CJy:DdR2emFGZsbleVt+

Score

N/A

Malware Config

Signatures

Files

ce76509b65fb172b967abd8215577759bce4cc2a20598f643519755d0cf31cef
.dll windows x86

8ba236068058eb6ef8f8628e4a9a431b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
DisableThreadLibraryCalls
ExitProcess
MultiByteToWideChar
lstrlenA

user32

DialogBoxParamA
GetDesktopWindow

ole32

CoUninitialize
CoInitializeEx
CoInitialize
CoCreateInstance

oleaut32

VariantChangeType
SysFreeString
VariantClear
VariantCopy

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

gdiplus

GdiplusStartup
GdipLoadImageFromFile
GdipCloneImage
GdiplusShutdown
GdipGetImageEncoders
GdipDisposeImage
GdipAlloc
GdipSaveImageToFile
GdipFree

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
strlen
strncpy
_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
free
memcmp
strcmp
_errno

Exports

Exports

RegisterDll
UnregisterDll

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8ba236068058eb6ef8f8628e4a9a431b

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

msvcp60

gdiplus

msvcrt

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 12KB - Virtual size: 12KB