70509b4d2218273a1749e8098b1e70ebcd63d0053da52e9e4738ed4558234604

Sharing

Copy URL Twitter E-mail

General

Target

70509b4d2218273a1749e8098b1e70ebcd63d0053da52e9e4738ed4558234604
Size

177KB
MD5

65b3caa4a87ef54b2b1cad377199c0c8
SHA1

f01182c46cc8f5e4d186b282660050615d2a2cc7
SHA256

70509b4d2218273a1749e8098b1e70ebcd63d0053da52e9e4738ed4558234604
SHA512

76bbb76cdaf0b5a78db40a9bce7ed2ddac0c37a7cacab8cd2e36f67728bf3020c80ecdf46c7ff0105105a9e36f13cc2552b2e3126147318a7371383b33ea96b8
SSDEEP

3072:SHR8xiTXwu5DqWEhFrJ+z7Z83aKl4xdfXjCsQeyqcLSV+huU90uI6Q:i8xiTXwu5eW+9+C3nKXz5sbA

Score

N/A

Malware Config

Signatures

Files

70509b4d2218273a1749e8098b1e70ebcd63d0053da52e9e4738ed4558234604
.exe windows x86

e1044a7966b9892e8454299da2cde9f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

gdi32

CreateSolidBrush
GetObjectW
DeleteObject
SetBkColor
CreateFontIndirectW
GetDeviceCaps
SetBkMode

kernel32

InitializeCriticalSection
SetHandleCount
FreeLibrary
LoadLibraryExW
VirtualFree
LoadLibraryA
GetConsoleOutputCP
GetUserDefaultUILanguage
WaitForMultipleObjects
TlsFree
WideCharToMultiByte
MultiByteToWideChar
WriteConsoleA
CloseHandle
GetConsoleCP
LeaveCriticalSection
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
UnhandledExceptionFilter
LoadLibraryW
GetSystemTimeAsFileTime
GetPriorityClass
EndUpdateResourceW
HeapSize
GetModuleHandleA
TlsAlloc
HeapCreate
GetSystemDirectoryW
TlsSetValue
GetEnvironmentStrings
BeginUpdateResourceW
RtlUnwind
GetCommandLineA
GetProcAddress
GetLocaleInfoA
GetStdHandle
IsDebuggerPresent
FreeEnvironmentStringsA
EnumResourceTypesW
GetStringTypeA
HeapFree
GetACP
SetStdHandle
ReadFile
GetFileAttributesW
GetProcessHeap
HeapDestroy
GetCPInfo
HeapReAlloc
TlsGetValue
GetEnvironmentStringsW
CreateDirectoryW
GetTickCount
GetModuleFileNameA
GetStartupInfoA
GetStringTypeW
GetOEMCP
GetVersionExA
GetCurrentProcessId
DeleteCriticalSection
Sleep
InterlockedIncrement
SetLastError
ExitProcess
GetCurrentThreadId
FlushFileBuffers
CreateFileW
UpdateResourceW
VirtualAlloc
WriteFile
SetFilePointer
GetFileSize
RaiseException
InterlockedDecrement
GetCurrentProcess
GetFileType
LCMapStringA
HeapAlloc
FreeEnvironmentStringsW
WriteConsoleW
QueryPerformanceCounter
GetModuleFileNameW
LCMapStringW
EnterCriticalSection
CreateFileA
GetConsoleMode
GetLastError

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

BeginPaint
GetWindowDC
ReleaseDC
EndPaint
GetWindowRect
LoadIconW
SetWindowPos
MessageBoxW
DefWindowProcW
GetClientRect
SetDlgItemTextW
DestroyWindow
AdjustWindowRect
CallWindowProcW
GetWindowLongW
SetWindowLongW
PostMessageW
LoadStringW
GetDlgItem
GetDlgItemTextW
ScreenToClient
MoveWindow
GetSystemMetrics
LoadBitmapW
SendMessageW
GetParent
CreateWindowExW

shell32

ShellExecuteW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1044a7966b9892e8454299da2cde9f9

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

avifil32

user32

shell32

ole32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: 73KB - Virtual size: 72KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: 73KB - Virtual size: 72KB

.tls
Size: 1024B - Virtual size: 248KB