36498de828186dd1e42df070e399591492fafa3f06caa6075667aed1016982fe

Sharing

Copy URL Twitter E-mail

General

Target

36498de828186dd1e42df070e399591492fafa3f06caa6075667aed1016982fe
Size

175KB
MD5

6ceaf064b942f17db035428fa616baa0
SHA1

8816ca208e788e75f320e0ce9c9d6dd73da6ce8f
SHA256

36498de828186dd1e42df070e399591492fafa3f06caa6075667aed1016982fe
SHA512

5f0e35978865cf2a6d6df86873b318b4c9436a8d4ad1e77badc85fe5f69873330a920c78fa3f887c916cdca62d5111177cca44e89e805bb6bc2e9602cd49b4a2
SSDEEP

3072:FpWMoRKNj/tux1vpxUfU6xL1fmv7Ev2N2gV/VBUrcCqGu/KwZqx+A:Fp3/5tuxB2R1mv7Ev2N/VetDKq

Score

N/A

Malware Config

Signatures

Files

36498de828186dd1e42df070e399591492fafa3f06caa6075667aed1016982fe
.exe windows x86

fc98adc9181fd88473e3f15fa03d6b34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
StringFromGUID2
CoInitialize

winmm

timeGetTime

user32

CopyRect
OffsetRect
IsRectEmpty
TranslateMessage
FillRect
SetRectEmpty
GetDC
DispatchMessageW
ReleaseDC
GetClientRect
PeekMessageW
wsprintfW
GetWindowRect

shlwapi

PathFileExistsA
PathRenameExtensionW
PathIsDirectoryW
PathRemoveBackslashW
PathCombineW
PathAppendW
PathAddBackslashW
PathFileExistsW
PathRemoveFileSpecW

kernel32

GetModuleFileNameA
DeleteFileA
LeaveCriticalSection
MulDiv
WaitNamedPipeA
GetTickCount
RemoveDirectoryW
CopyFileA
CreateDirectoryW
Sleep
SetFileAttributesW
ReadFile
GetVersionExA
DeleteFileW
GetTempPathW
GetProcessAffinityMask
OutputDebugStringW
GetTempPathA
GetTempFileNameA
WaitForSingleObject
GetCurrentThreadId
GetThreadLocale
CreateMutexA
WideCharToMultiByte
GetTempFileNameW
LocalAlloc
InterlockedDecrement
CloseHandle
QueryPerformanceCounter
GetModuleFileNameW
InterlockedExchange
lstrlenA
lstrlenW
EnumResourceTypesW
SetFilePointer
InitializeCriticalSection
ReleaseMutex
GetFileAttributesA
DeleteCriticalSection
FreeLibrary
GetVersionExW
InterlockedIncrement
CreateDirectoryA
ExitProcess
GetCurrentProcessId
GetSystemTime
GetACP
SetFileAttributesA
EnterCriticalSection
CreateFileA
LoadLibraryW
MultiByteToWideChar
LocalFree
WriteFile
FindNextFileW
DisableThreadLibraryCalls
OutputDebugStringA
GetProcAddress
GetLocaleInfoA
GetLastError
FindFirstFileW
FindClose
GetSystemTimeAsFileTime

shell32

SHGetSpecialFolderPathA

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyW
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueW
RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegSetValueExA
RegDeleteKeyA

avifil32

AVISaveOptions
AVIMakeCompressedStream

gdi32

BitBlt
CreateCompatibleDC
DeleteDC
GetObjectW
CreateSolidBrush
CreateCompatibleBitmap
DeleteObject
SelectObject
GetDIBits
SetBkColor
GetObjectType
CreateBitmap
SetBrushOrgEx
StretchBlt
CreateDCW
CreateDIBSection
SetStretchBltMode

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc98adc9181fd88473e3f15fa03d6b34

Headers

File Characteristics

Imports

ole32

winmm

user32

shlwapi

kernel32

shell32

advapi32

avifil32

gdi32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 380KB