a6eae2706f3e171e55369758d32c1dcf4acaf840aaeb3790c9117886375bf913

Sharing

Copy URL Twitter E-mail

General

Target

a6eae2706f3e171e55369758d32c1dcf4acaf840aaeb3790c9117886375bf913
Size

172KB
MD5

6169df3e906aef510d3ef3952cc04ac0
SHA1

ca8c3356353f6adf2686f4c83f17cb413562d79e
SHA256

a6eae2706f3e171e55369758d32c1dcf4acaf840aaeb3790c9117886375bf913
SHA512

7aaf789af7ff2cc25caf260914137c80a1fab6d443f84a02f646642c8c1dbe0acfdce4992becf9a1c4b75fc62638125768c3e6abe23dd317ad63da70365313e5
SSDEEP

3072:dJvAiEkcg1eXOsjktHOSMcgen1+1mE0y7P59SC92pSgMpHPqX2GtUN2MP0scUCzQ:dJvAiErGSgtNE1b7B9SC92zf2G2NMscV

Score

N/A

Malware Config

Signatures

Files

a6eae2706f3e171e55369758d32c1dcf4acaf840aaeb3790c9117886375bf913
.exe windows x86

50391b5b02daf8f4fe8b8df36fb78c77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
RegOpenKeyExW
RegSetValueExA
RegCreateKeyW
RegSetValueW
RegQueryValueExA
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExA
RegDeleteKeyA

winmm

timeGetTime

ole32

StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

PathAppendW
PathFileExistsW
PathAddBackslashW
PathRenameExtensionW
PathCombineW
PathRemoveBackslashW
PathIsDirectoryW
PathFileExistsA
PathRemoveFileSpecW

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

ReleaseDC
DispatchMessageW
OffsetRect
FillRect
wsprintfW
CopyRect
SetRectEmpty
GetDC
TranslateMessage
PeekMessageW
IsRectEmpty
GetClientRect
GetWindowRect

gdi32

SelectObject
CreateSolidBrush
BitBlt
CreateBitmap
GetDIBits
CreateCompatibleBitmap
GetObjectType
DeleteDC
DeleteObject
SetBrushOrgEx
CreateDIBSection
StretchBlt
CreateCompatibleDC
GetObjectW
CreateDCW
SetBkColor
SetStretchBltMode

kernel32

CopyFileA
lstrlenW
GetTempPathW
LocalAlloc
GetLastError
WaitForMultipleObjects
InterlockedIncrement
SetFilePointer
Sleep
FindNextFileW
QueryPerformanceCounter
WideCharToMultiByte
LoadLibraryW
DeleteCriticalSection
CreateDirectoryW
GetModuleFileNameW
GetProcessPriorityBoost
CloseHandle
GetTempPathA
SetFileAttributesW
GetCurrentThreadId
CreateFileA
GetTempFileNameW
GetCurrentProcessId
lstrlenA
GetVersionExW
InterlockedDecrement
FindFirstFileW
RemoveDirectoryW
GetTickCount
GetProcAddress
EnumResourceTypesW
DisableThreadLibraryCalls
WriteFile
GetSystemTime
GetVersionExA
GetThreadLocale
ReleaseMutex
GetFileAttributesA
GetTempFileNameA
InitializeCriticalSection
CreateDirectoryA
GetACP
InterlockedExchange
MultiByteToWideChar
GetLocaleInfoA
DeleteFileA
ExitProcess
FreeLibrary
GetModuleFileNameA
WaitForSingleObject
MulDiv
EnterCriticalSection
LocalFree
SetFileAttributesA
OutputDebugStringW
ReadFile
LeaveCriticalSection
DeleteFileW
CreateMutexA
OutputDebugStringA
FindClose
GetSystemTimeAsFileTime

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50391b5b02daf8f4fe8b8df36fb78c77

Headers

File Characteristics

Imports

shell32

advapi32

winmm

ole32

shlwapi

avifil32

user32

gdi32

kernel32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 252KB