b23e64576bf3c154253132b596ec2ffd1dba66aba443d0803a795782e40e6fe7

Sharing

Copy URL Twitter E-mail

General

Target

b23e64576bf3c154253132b596ec2ffd1dba66aba443d0803a795782e40e6fe7
Size

60KB
MD5

c94fe4a2c7e3507afced6b9afed97935
SHA1

9457a5745d1fc25a013777e4f1b4dfbadcf88892
SHA256

b23e64576bf3c154253132b596ec2ffd1dba66aba443d0803a795782e40e6fe7
SHA512

164a007939ef44912e2b418a46fe6de61fd8e5f361c79b372f545cda19e18b113f9f0893b3ed318822422aaacbdbfe5d957d0786c5fe546c05199f30570299ce
SSDEEP

768:DHP4G1T+F/WsJ6IEIAlbgzVv97GtNpW+YigBjFZ6e03f4bOWWfhps/:DHP4G1SPlmgzVvJkpGZRFN03WH

Score

N/A

Malware Config

Signatures

Files

b23e64576bf3c154253132b596ec2ffd1dba66aba443d0803a795782e40e6fe7
.dll windows x86

69808b1e41915ffd1c631946ee409bb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalAlloc
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
CreateThread
IsBadReadPtr
GetCurrentThreadId
GetModuleHandleA
WideCharToMultiByte
Sleep
ExitProcess
WaitForSingleObject
GetTickCount
InterlockedDecrement
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CLSIDFromProgID

oleaut32

SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString
VariantInit
VariantCopy
SysAllocString
GetErrorInfo
SysStringLen
VariantClear

msvcrt

_CxxThrowException
_itoa
_adjust_fdiv
_initterm
_onexit
__dllonexit
strncpy
??2@YAPAXI@Z
strstr
atoi
??3@YAXPAX@Z
free
malloc
wcscmp
__CxxFrameHandler
_snprintf
??1type_info@@UAE@XZ

gdiplus

GdipFree
GdipCloneImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipSaveImageToStream
GdipAlloc
GdipLoadImageFromStream
GdipDisposeImage

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69808b1e41915ffd1c631946ee409bb1

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

msvcrt

gdiplus

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 2KB

.text Size: 4KB - Virtual size: 1KB

.text Size: 16KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 1KB