03a9b844bcca9cd3783280b50c17d3029d5f5d2abbd668fd3b342086a836ecb5

Sharing

Copy URL Twitter E-mail

General

Target

03a9b844bcca9cd3783280b50c17d3029d5f5d2abbd668fd3b342086a836ecb5
Size

656KB
MD5

4ea9aa1451985fb1028b94aa69536770
SHA1

04e7314dcbe6e1b793b9ceffd1b786b683773367
SHA256

03a9b844bcca9cd3783280b50c17d3029d5f5d2abbd668fd3b342086a836ecb5
SHA512

f59aafcf45bf80a1e48e4f48c1c43b027161a96e99f4610b92e0525117e48763049bcef5d475d2bc5d37bae07de7441fe384f6751ea6e1f67eb087a4c63b3051
SSDEEP

12288:X6QK/tS+ItoJCpPpb+lEg+UG4bdcyLJDhJ:X6QWO0CpPpwEp47JhJ

Score

N/A

Malware Config

Signatures

Files

03a9b844bcca9cd3783280b50c17d3029d5f5d2abbd668fd3b342086a836ecb5
.exe windows x86

5a01aaa612dcb15423a8525b506a8feb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA
PathCombineA
PathFileExistsA
PathRemoveFileSpecA
PathFindFileNameA

netapi32

Netbios

kernel32

GetTickCount
WriteFile
SetFilePointer
SetFileAttributesA
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
LoadLibraryExA
GetModuleFileNameA
CreateDirectoryA
GetFileSize
FindClose
FindNextFileA
FindFirstFileA
GlobalFree
DeleteFileA
ReadFile
FileTimeToDosDateTime
GetPrivateProfileIntW
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
GetVersion
GlobalAlloc
lstrcpyW
lstrlenW
MoveFileA
ExitThread
SetEndOfFile
WaitForSingleObject
CreateThread
TerminateThread
GetVersionExA
GetCurrentProcess
CopyFileA
TerminateProcess
OpenProcess
ReleaseMutex
GetLastError
CreateMutexA
Sleep
GlobalLock
CompareStringW
CompareStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapSize
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualQuery
InterlockedExchange
RaiseException
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
HeapAlloc
HeapFree
GetTimeZoneInformation
RtlUnwind
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetSystemTimeAsFileTime
PulseEvent
OpenFileMappingA
OpenEventA
CreateFileMappingA
MapViewOfFile
CreateEventA
UnmapViewOfFile
CloseHandle
GetSystemDirectoryA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetTempPathA
lstrlenA
lstrcpyA
GlobalUnlock
SetEnvironmentVariableA

user32

RegisterClassA
InvertRect
wsprintfA
FillRect
LoadCursorA
GetWindowThreadProcessId
ReleaseDC
CopyRect
GetSystemMetrics
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
FindWindowA
LoadIconA
SetTimer
CreateWindowExA
BeginPaint
EndPaint
DestroyWindow
PostQuitMessage
KillTimer
DialogBoxParamA
DefWindowProcA
SetForegroundWindow
LoadMenuA
GetSubMenu
GetCursorPos
TrackPopupMenuEx
DestroyMenu
GetAsyncKeyState
GetDlgItemTextA
EnableWindow
GetDlgItemInt
SendMessageA
SetWindowTextA
SetScrollRange
InvalidateRect
IsWindow
SetScrollPos
SetDlgItemTextA
MessageBoxA
SetRect
PostMessageA
EndDialog
GetDlgItem
SetFocus
GetDC
GetClientRect

gdi32

DeleteObject
CreateCompatibleBitmap
SelectObject
GetStockObject
SetBkColor
SetTextColor
TextOutA
BitBlt
DeleteDC
CreateDIBSection
CreateCompatibleDC
CreateFontIndirectA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegFlushKey

shell32

DragFinish
SHBrowseForFolderA
ShellExecuteA
DragQueryFileA
DragAcceptFiles
DragQueryPoint
SHGetPathFromIDListA
Shell_NotifyIconA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoUninitialize

tg_pvtr

Open_FLV4_Encode
isInstalled_DirectX81
CheckMPEGFile
vGetStretchPos
SetBrightness
SetFastConvertMode
SetVtrState
SetMeta_FLV4_Encode
Close_FLV4_Encode
Save_FLV4_Data
FindCodecInfo
GetFormatLastUseTestVTR
OpenVTR
GetVtrLength
GetVtrInfo
GetAudioInfo
Set_Caption_Style
Open_Caption
Start_Caption
ReadAudioFrame2
SetVtrPlayPos
ReadCurrentFrame2
Write_Caption
Close_Caption
TestVtr
TestVtrExW
SkipCurrentFrame
ReadCurrentFrame
isNextFrame
CaptureVTR
GetVtrPlayPos
VTR_Play_GetCurrentImage
VTR_Play_SetScaleXY
VTR_Play_SetBrightness
GetVtrState
SetVolume
VTR_Play_SetVolume
VTR_Play_SetPos
VTR_Play_GetPos
VTR_Play_Output
Set_TG_PVTR_LogFile
Register_DumpFilter
SetVtrArea
VTR_Play_Close
OpenVTRW
CloseVTR
VTR_Play_Open

tg_avi

Get_ICM_Info
find_ICM_Driver
Delete_ICM
Set_TG_AVI_LogFile
Open_ACM2
Decription_MA
tg_MakeAVIFile
Open_ICM
Close_ICM
Open_ACM
Close_ACM
GetFrameNoByTime
AVIRecover
SetAVIStretchMethod
SeekAVIStream
MuxData_Open
AVICodecInfo
MuxData_EmptytData
MuxData_isAddedData
MuxData_Close
Close_MP3_Encoder
MuxData_ReadData
tg_GetCurrentAVIFileSize
tg_CloseAVIFile
Compress_MP3_Encoder
GetOutput_MP3_Encoder
tg_SaveAVIFrame
tg_FtpUp_AVIMode
MP4AV_Mpeg4ParseVol
Open_ICM2
OpenAVI
isAVIDRM
GetAVILength
GetAVIReference
ReadAVIStream
ICM_Decompress
GetTimeByFrameNo
Close_ICM2
CloseAVI
Open_MP3_Encoder

tg_image

TGI_Compress
Write_BMP16Over
LoadTGIResource
ConvertImageFree
RotateBMP16Over
FlipX
MemBitBltSrcKeyRender
MemDrawBoarder32
JPG_Compress
ConvertImageToBMP
MemBitBltAlphaRender2
RGBtoI420
TGI_Decompress
MemBitBltSrcAlpha
MemBitBltSrcKeyColor
MemBitBltSrcKeyColor2
MemBitBlt
FlipY
PutBitmapDataToGDI
Stretch_Bitmap

tg_audio

AcmAppConvertConvert
Set_TG_Audio_LogFile
find_ACM_Format
find_ACM_Driver
WavePlayOpen
SetPCMFormatID
SetPCMFormat
GetPCMFormatID
AcmAppConvertEnd
AcmAppConvertBegin

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a01aaa612dcb15423a8525b506a8feb

Headers

File Characteristics

Imports

shlwapi

netapi32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

tg_pvtr

tg_avi

tg_image

tg_audio

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 22KB

.rsrc Size: 88KB - Virtual size: 88KB

.text Size: 360KB - Virtual size: 360KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 22KB

.rsrc
Size: 88KB - Virtual size: 88KB

.text
Size: 360KB - Virtual size: 360KB