c6ca32a6329bc9292004e787840273c001f9f52d9f862880c09324c322250722

Sharing

Copy URL

Twitter E-mail

General

Target

c6ca32a6329bc9292004e787840273c001f9f52d9f862880c09324c322250722
Size

2.9MB
MD5

6509d88a55069e4902409cadddd0b6db
SHA1

57f82b1756f0d210cb282fa3c29053cd43594c96
SHA256

c6ca32a6329bc9292004e787840273c001f9f52d9f862880c09324c322250722
SHA512

b310aabf2ae1d4699b82cb69054faa5fac62462ef6b0ab74e8748ca450c53c0eb70dc0db3c5611e35aae0ccaf506d1ea7073ad51d3b60e01bd25257074905caf
SSDEEP

49152:EhJ75K9BBkhg18zY/of/4MKkykiIkXuAo/RxqE94yqHjtxouabO1TkSKuAlLlV5a:Aa18zY/of/4MKkykiRovor74O1TkSKuP

Score

N/A

Malware Config

Signatures

Files

c6ca32a6329bc9292004e787840273c001f9f52d9f862880c09324c322250722
.dll windows x86

9e1c5491b552546f8f1b6f01f84c79af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
WideCharToMultiByte
GlobalUnlock
LoadLibraryW
QueryPerformanceFrequency
QueryPerformanceCounter
DisableThreadLibraryCalls
CloseHandle
CreateThread
GetCurrentProcess
K32GetModuleInformation
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
InitializeSRWLock
ResumeThread
VirtualProtect
ExitThread
Sleep
InterlockedCompareExchange
FlushInstructionCache
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentProcessId
GetCurrentThreadId
OpenThread
GetThreadContext
SetThreadContext
SuspendThread
GlobalAlloc
Thread32First
Thread32Next
VirtualAlloc
VirtualFree
LocalFree
FormatMessageA
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
MultiByteToWideChar
VirtualQuery
GetFileAttributesExW
AreFileApisANSI
GetLastError
GetFileInformationByHandleEx
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
GlobalFree
GetProcAddress
CreateToolhelp32Snapshot
GetModuleHandleA
InitializeSListHead
GetProcessHeap
FreeLibrary
InterlockedExchange

user32

GetAsyncKeyState
MessageBoxA
CallWindowProcA
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
GetClientRect
SetCursor
SetCapture
GetForegroundWindow
IsChild
ClientToScreen
GetCapture
ScreenToClient
SetWindowLongA
LoadCursorA

msvcp140

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?rdstate@ios_base@std@@QBEHXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??Bid@locale@std@@QAEIXZ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Random_device@std@@YAIXZ
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBUtm@@PBD3@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
_Mtx_trylock
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
_Mtx_unlock
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?uncaught_exceptions@std@@YAHXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Winerror_map@std@@YAHH@Z
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

winmm

PlaySoundA

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

wininet

HttpSendRequestA
InternetConnectA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
InternetOpenA

vcruntime140

memcmp
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
__std_type_info_compare
strstr
memmove
strrchr
longjmp
memcpy
memset
memchr
_setjmp3
__current_exception
__current_exception_context
_CxxThrowException
_except_handler4_common
__std_type_info_destroy_list
__vcrt_GetModuleFileNameW
__vcrt_LoadLibraryExW
_purecall

api-ms-win-crt-stdio-l1-1-0

ftell
fwrite
_wfopen
__stdio_common_vsscanf
fgetc
__stdio_common_vsprintf_s
fgetpos
fclose
fflush
setvbuf
_get_stream_buffer_pointers
fputc
_fseeki64
fopen
fread
__stdio_common_vsprintf
ungetc
fseek
fsetpos

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-math-l1-1-0

_dclass
_fdclass
_libm_sse2_acos_precise
_libm_sse2_atan_precise
_libm_sse2_cos_precise
_CIfmod
_libm_sse2_log_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
_libm_sse2_tan_precise
_CIatan2
ceil
_dsign
floor
fminf
fmax
fmaxf
roundf
remainderf

api-ms-win-crt-convert-l1-1-0

strtol
strtoul
strtoll
strtod
atoi
strtoull
atof

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_initterm_e
system
_invalid_parameter_noinfo_noreturn
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_crt_atexit
_errno

api-ms-win-crt-string-l1-1-0

isdigit
strncmp
strcat_s
strcpy_s
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_time64
_localtime64

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 626KB - Virtual size: 774KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e1c5491b552546f8f1b6f01f84c79af

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

winmm

d3dx9_43

imm32

wininet

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 427KB - Virtual size: 426KB

.data Size: 626KB - Virtual size: 774KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 50KB - Virtual size: 50KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 427KB - Virtual size: 426KB

.data
Size: 626KB - Virtual size: 774KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 50KB - Virtual size: 50KB