17b79e471735699951b299deecbb80d335766d55aa40cd40075711d3be7333f3

Sharing

Copy URL

Twitter E-mail

General

Target

17b79e471735699951b299deecbb80d335766d55aa40cd40075711d3be7333f3
Size

23KB
MD5

5d6372b8243e5fa5d867ef38fc49ebdf
SHA1

6ac0b0850e02c32dbc92b0d3422832d05e88ae4b
SHA256

17b79e471735699951b299deecbb80d335766d55aa40cd40075711d3be7333f3
SHA512

b67a0948831ba126c4543c127275c322a3406648c0780319a9217547b2cedb0f3dd13dc8e3ba1200811301576dd83751f7d863b643396d47f5988b1fcccf0b70
SSDEEP

384:PtOUvpgn30o3flY0kUlseo9kHrmjor97GLjh6kGR3HHpIW6kZ/3:Ppm30+JBo9QTpml6/3HJ/6kZv

Score

N/A

Malware Config

Signatures

Files

17b79e471735699951b299deecbb80d335766d55aa40cd40075711d3be7333f3
.exe windows x86

184b73bd19a06830922286e911be3949

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
GetDC
GetDesktopWindow
LoadStringA
wvsprintfA
ReleaseDC
OffsetRect

msvcrt

_chdir
_beginthread
exit
_beep

kernel32

VirtualAlloc
GetCommandLineA
GetVersionExA
GetOEMCP
HeapDestroy
SetFilePointer
GetProcAddress
FlushFileBuffers
InterlockedExchange
CreateFileA
RaiseException
LCMapStringW
WriteFile
QueryPerformanceCounter
GetEnvironmentStringsW
GetCurrentThreadId
Sleep
CloseHandle
TlsFree
lstrcpyA
SetEndOfFile
SetLastError
EnterCriticalSection
HeapReAlloc
VirtualProtect
VirtualFree
GetTickCount
GetLocaleInfoW
GetFileType
HeapCreate
GetStringTypeW
LoadLibraryA
GetCPInfo
GetSystemTimeAsFileTime
GetSystemInfo
DeleteCriticalSection
lstrlenW
SetStdHandle
GetProcessHeap
InterlockedDecrement
GetLastError
HeapAlloc
LCMapStringA
GetACP
InterlockedIncrement
GetUserDefaultLCID
InitializeCriticalSection
IsValidCodePage
TlsSetValue
GetCurrentProcess
LeaveCriticalSection
GetModuleHandleA
OutputDebugStringA
GetLocaleInfoA
TerminateProcess
GetStringTypeA
VirtualQuery
ExitProcess
HeapFree
GetCurrentProcessId
ReadFile
SetHandleCount
GetModuleFileNameA
GetStartupInfoA
FreeEnvironmentStringsA
lstrlenA
EnumSystemLocalesA
FreeEnvironmentStringsW
TlsAlloc
GetEnvironmentStrings
TlsGetValue
WideCharToMultiByte
IsValidLocale
MultiByteToWideChar
SetUnhandledExceptionFilter
GetStdHandle
HeapSize

avifil32

AVIFileInfo

gdi32

GetDIBits
GetObjectA
DeleteObject
GetPaletteEntries
CreateCompatibleDC
DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleBitmap

activeds

FreeADsMem

ntdll

RtlUnwind

advapi32

RegOpenKeyExA
RegQueryValueExA

urlmon

URLOpenBlockingStreamA
URLOpenBlockingStreamW

Sections

.textbss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

184b73bd19a06830922286e911be3949

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

kernel32

avifil32

gdi32

activeds

ntdll

advapi32

urlmon

Sections

.textbss Size: - Virtual size: 80KB

.idata Size: 21KB - Virtual size: 21KB

.text Size: 512B - Virtual size: 504B

.rsrc Size: 512B - Virtual size: 80KB

.textbss
Size: - Virtual size: 80KB

.idata
Size: 21KB - Virtual size: 21KB

.text
Size: 512B - Virtual size: 504B

.rsrc
Size: 512B - Virtual size: 80KB