4dfc68775c3e0265f6ab7b9e5500656938b39457497c02b52a929e6e79a9ca87

Sharing

Copy URL Twitter E-mail

General

Target

4dfc68775c3e0265f6ab7b9e5500656938b39457497c02b52a929e6e79a9ca87
Size

86KB
MD5

6a0c29cc8d9215ab0480095ff1f834f1
SHA1

91ea56b00bac630bb698b1a9f7b52b1a71ae0b6c
SHA256

4dfc68775c3e0265f6ab7b9e5500656938b39457497c02b52a929e6e79a9ca87
SHA512

7e975eb6bbfc93108b557ea868d61beec27805d51480ddddb304291f641c97a5562d5595fce5afb910ad711b0fbbb8a1c3abbae7205cdb9f2f71357c2e290b11
SSDEEP

1536:Q5ISRCI7TwBdHLqCEvZZo0TKrqKNxauR6pjAeGQvsIsX:QgPbHLrEvZZo0mrRzauR6rGQXs

Score

N/A

Malware Config

Signatures

Files

4dfc68775c3e0265f6ab7b9e5500656938b39457497c02b52a929e6e79a9ca87
.exe windows x86

2c0aa1b24ef979c0da7211d1127fded8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerLanguageNameA
GetDateFormatA
WaitForMultipleObjects
VirtualProtect
CreateMutexA
GetModuleHandleA
GetProcAddress
GetComputerNameA
ReleaseSemaphore
VirtualAlloc
FreeEnvironmentStringsA
GetCommandLineA
CreateSemaphoreA
GetCurrentThreadId
GetTickCount
GetEnvironmentVariableA
CloseHandle
ResetEvent
OpenSemaphoreA
LocalReAlloc
GetModuleFileNameA
GetLastError
GetFullPathNameA
HeapFree
GetStartupInfoA
GetVersion
ExitProcess
GetCurrentDirectoryA
GetDriveTypeA
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
ReadFile
FlushFileBuffers
WriteFile
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
RtlUnwind
SetStdHandle
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

version

GetFileVersionInfoA
VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeA
VerFindFileA

avifil32

AVIStreamGetFrame
AVIMakeFileFromStreams
AVIFileOpenA
AVIStreamTimeToSample
CreateEditableStream
AVISaveOptions
AVIPutFileOnClipboard
EditStreamSetNameW

avicap32

capCreateCaptureWindowA

msvfw32

GetOpenFileNamePreviewA
ICInfo
ICImageCompress
ICSeqCompressFrameEnd

uxtheme

IsThemeActive

ws2_32

shutdown
getpeername
socket
inet_addr
sendto
closesocket
bind
htonl
getprotobynumber
listen
ntohs
gethostbyaddr
setsockopt
select
gethostbyname

wsnmp32

ord900
ord600
ord902
ord220
ord501

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c0aa1b24ef979c0da7211d1127fded8

Headers

File Characteristics

Imports

kernel32

version

avifil32

avicap32

msvfw32

uxtheme

ws2_32

wsnmp32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 3KB - Virtual size: 14KB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 14KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 4KB - Virtual size: 3KB