ab69f7e7b8d82c34676782f9db23194f96c95dff279ada81daefd1f5cfe113d6

Sharing

Copy URL

Twitter E-mail

General

Target

ab69f7e7b8d82c34676782f9db23194f96c95dff279ada81daefd1f5cfe113d6
Size

149KB
MD5

d11e42adad914c3ba95a4d54153a20d0
SHA1

12ec8bd57957135869f51ac40fb573fd15f40565
SHA256

ab69f7e7b8d82c34676782f9db23194f96c95dff279ada81daefd1f5cfe113d6
SHA512

69e143143e7c6b1d03caf9a60587a800e4d7a982757dbc0335867947a3fee77730f719d975ca2b28c827ed9f9e3a7787284169c1423b13a4d918262d032abbc6
SSDEEP

3072:tzaE7ZKrQMh/x8orIrUCic0PglqlsvARnj1N2bl55D8ejI1AbWxS/Cau2lPX3LMB:ZaE4rQqlrIQL8Eh2bloesObWxS/TzMB

Score

N/A

Malware Config

Signatures

Files

ab69f7e7b8d82c34676782f9db23194f96c95dff279ada81daefd1f5cfe113d6
.exe windows x86

54aaf8dc643114b5c601c5f8d229f3b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
CloseHandle
LocalFree
CreateThread
CompareStringW
VirtualProtect
HeapSize
LoadLibraryW
RtlUnwind
IsProcessorFeaturePresent
HeapReAlloc
GetStringTypeW
LCMapStringW
GetSystemInfo
RemoveDirectoryW
LocalAlloc
GetDiskFreeSpaceW
GetCurrentDirectoryW
GetModuleFileNameW
GetFileAttributesW
WriteConsoleW
Sleep
ReadFile
MultiByteToWideChar
GetProcessHeap
SetEndOfFile
SetFilePointer
GetConsoleMode
GetConsoleCP
RaiseException
WideCharToMultiByte
GetSystemDirectoryW
CreateProcessW
GetEnvironmentVariableW
ExitProcess
GetTimeFormatA
GetDateFormatA
GetLastError
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileType
CreateFileA
CreateFileW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetProcAddress
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
GetTimeZoneInformation
HeapAlloc
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SetHandleCount
GetStdHandle
DeleteCriticalSection
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA

user32

GetClassInfoExW
CallWindowProcW
ReleaseCapture
GetCursorPos
EndDialog
GetWindowTextLengthW
CloseClipboard
GetMessageW
GetFocus
GetAncestor
SetFocus
RegisterClassExW
LoadIconW
OffsetRect
GetWindowLongW
AppendMenuW

comctl32

ord17
ImageList_DragLeave
_TrackMouseEvent

comdlg32

GetOpenFileNameW
ReplaceTextW
GetSaveFileNameW
GetFileTitleW

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

shlwapi

PathSkipRootW

avifil32

AVIStreamRelease
AVIFileInit
AVIStreamEndStreaming
AVIMakeFileFromStreams
AVIFileExit

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 610KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54aaf8dc643114b5c601c5f8d229f3b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

comdlg32

ole32

shlwapi

avifil32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 610KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 610KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB