pwaah43f[.]gif

Sharing

Copy URL

Twitter E-mail

General

Target

pwaah43f.gif
Size

453KB
MD5

86cdc85c3d58de12bf6e8783d044a105
SHA1

b47f3b5529277cf2645ed56e8d1b832c9a065969
SHA256

a129f0d21e80d53b7de86f2b6cdc8434f75a4fb98eb87aa43753cb5bbdf561da
SHA512

6f392c86ea5c9d3046ad24b31b7246edcffbf6d612555a360d7d409778e3e17611f735cee7f663d949442cf2c8cf6e7b8a6d8e1836c23d281b0f3267664b0502
SSDEEP

6144:NoDXt02LN4DpFJZ2aCfTphY+2ou9ZryjYC0ro:CXtnLNuFJZ0nVwysb

Score

N/A

Malware Config

Signatures

Files

pwaah43f.gif
.dll windows x86

bc603be4735bd4c3889a300a03160591

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError
LeaveCriticalSection
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
GetTickCount
SetEvent
CreateEventW
Sleep
WaitForSingleObject
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
GetCurrentProcessId
GetVersionExW
ReleaseMutex
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
EnterCriticalSection
OpenFileMappingW
CreateThread
OpenProcess
GetExitCodeProcess
TerminateThread
MulDiv
GetProcessHeap
FlushFileBuffers
CreateFileA
GetModuleHandleA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
SetErrorMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
RaiseException
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WritePrivateProfileStringW
WriteConsoleOutputAttribute
GetCurrentDirectoryW
SetConsoleScreenBufferSize

user32

LoadCursorA
CharNextA
EndPaint
PeekMessageW
IsWindow
GetClientRect
CopyRect
OffsetRect
IntersectRect
GetDC
ReleaseDC
SetRect
InvalidateRect
ValidateRect
DispatchMessageW
TranslateMessage
BeginPaint
SetPropA
GetKBCodePage
DeleteMenu
CreateMDIWindowA
RealGetWindowClassW
GetDesktopWindow
OemToCharA
GetMenuBarInfo
GetDlgItem
BroadcastSystemMessage
CreateDialogParamA
ShowScrollBar
CallWindowProcW
GetNextDlgTabItem
GetWindowRect
DrawIcon
SendMessageCallbackA
EnumPropsW
CreateWindowExW
TranslateAccelerator
ToAsciiEx
SetLastErrorEx
SetWindowPlacement

gdi32

AddFontResourceA
AddFontResourceW
RealizePalette
GetEnhMetaFileBits
GetEnhMetaFileW
GetStockObject
FillRgn
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
DeleteObject
GdiFixUpHandle
GetWindowOrgEx
FONTOBJ_vGetInfo
CreateBitmap
EudcUnloadLinkW
ExcludeClipRect
GetEnhMetaFileDescriptionW
GetOutlineTextMetricsA
SetLayoutWidth
GetGlyphOutlineW
GdiTransparentBlt
CreateMetaFileW
SetPixelV
ColorMatchToTarget
PlayEnhMetaFileRecord
GetRandomRgn
DeviceCapabilitiesExA
GdiPlayJournal
GetCharacterPlacementW
ExtEscape
CreateFontA
GetCharWidthFloatW
CopyEnhMetaFileW
GdiAddGlsRecord
SetTextCharacterExtra
DeleteEnhMetaFile
GetCharABCWidthsI
GdiAddGlsBounds
GetTextExtentPointW
GetTextFaceW
EngDeleteSurface
EngCreateSemaphore
UnrealizeObject

advapi32

RegOpenKeyA

shell32

SHEmptyRecycleBinW
SHQueryRecycleBinW
SHCreateDirectoryExW

ole32

CoTaskMemFree
CoTaskMemRealloc
StringFromCLSID
CoCreateInstance
PropVariantClear
CoInitializeEx
CoGetMalloc
CoUninitialize
CLSIDFromString
CoTaskMemAlloc
CoLoadLibrary

shlwapi

StrCmpNA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc603be4735bd4c3889a300a03160591

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 512B - Virtual size: 225B

.rdata3 Size: 1024B - Virtual size: 776B

.rdata2 Size: 512B - Virtual size: 4B

.data Size: 14KB - Virtual size: 14KB

.text4 Size: 247KB - Virtual size: 246KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 512B - Virtual size: 225B

.rdata3
Size: 1024B - Virtual size: 776B

.rdata2
Size: 512B - Virtual size: 4B

.data
Size: 14KB - Virtual size: 14KB

.text4
Size: 247KB - Virtual size: 246KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 9KB - Virtual size: 9KB