c5dc56f2d843b44278f0f40f51287c0275b4ab6e8370099d1d97a4d52f5723ea

Sharing

Copy URL Twitter E-mail

General

Target

c5dc56f2d843b44278f0f40f51287c0275b4ab6e8370099d1d97a4d52f5723ea
Size

174KB
MD5

6b63e2a790479129737d744cc83b2eaa
SHA1

a719ecb9fcd9365596cabc192a98fe93d1659c2c
SHA256

c5dc56f2d843b44278f0f40f51287c0275b4ab6e8370099d1d97a4d52f5723ea
SHA512

4cc988f743ba63c5f01317d4a21961afbc3c186eb08223a32022dd6287b2f0171493849097c180480b49e598b13005bed8e470cd87b8b4ed975bda3f3126304a
SSDEEP

3072:rcub980oKnR+zCxXAf9Amv+N2Mk5qNFXlnlSiHw:YU848eofGN2+F/H

Score

N/A

Malware Config

Signatures

Files

c5dc56f2d843b44278f0f40f51287c0275b4ab6e8370099d1d97a4d52f5723ea
.exe windows x86

548d68aca132465d935a49460a41f432

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyRect
FillRect
IsRectEmpty
TranslateMessage
OffsetRect
ReleaseDC
GetClientRect
SetRectEmpty
DispatchMessageW
wsprintfW
GetDC
PeekMessageW
GetWindowRect

winmm

timeGetTime

kernel32

lstrlenA
CreateDirectoryW
CreateDirectoryA
InitializeCriticalSection
GetThreadLocale
SetFileAttributesA
CloseHandle
GetTickCount
Sleep
WaitNamedPipeA
GetLastError
GetSystemTime
GetTempFileNameA
OutputDebugStringA
SetFileAttributesW
FindFirstFileW
CopyFileA
GetTempFileNameW
GetModuleFileNameW
ReleaseMutex
GetModuleFileNameA
GetACP
GetCurrentProcessId
DeleteCriticalSection
GetProcessAffinityMask
FindNextFileW
InterlockedIncrement
CreateFileA
QueryPerformanceCounter
LeaveCriticalSection
GetTempPathW
InterlockedExchange
SetFilePointer
FindClose
CreateMutexA
EnumResourceTypesW
LocalFree
GetTempPathA
WriteFile
GetFileAttributesA
TerminateProcess
GetVersionExA
WideCharToMultiByte
DeleteFileW
LocalAlloc
RemoveDirectoryW
OutputDebugStringW
GetVersionExW
WaitForSingleObject
FreeLibrary
MulDiv
DisableThreadLibraryCalls
GetLocaleInfoA
LoadLibraryW
GetCurrentThreadId
MultiByteToWideChar
lstrlenW
EnterCriticalSection
InterlockedDecrement
GetProcAddress
ReadFile
DeleteFileA
GetSystemTimeAsFileTime

shlwapi

PathIsDirectoryW
PathRemoveBackslashW
PathFileExistsW
PathAddBackslashW
PathFileExistsA
PathCombineW
PathRenameExtensionW
PathAppendW
PathRemoveFileSpecW

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

548d68aca132465d935a49460a41f432

Headers

File Characteristics

Imports

user32

winmm

kernel32

shlwapi

avifil32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 68KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 68KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 380KB