7e963bfba497bd74bf5650c215ba978bcaa20bd8578fb2e05d06623b724ffba1

Sharing

Copy URL Twitter E-mail

General

Target

7e963bfba497bd74bf5650c215ba978bcaa20bd8578fb2e05d06623b724ffba1
Size

182KB
MD5

637dee09252b790f1dbde15b5fc2e530
SHA1

984def3b8c386b000a716d6cde9b58fe43970bcf
SHA256

7e963bfba497bd74bf5650c215ba978bcaa20bd8578fb2e05d06623b724ffba1
SHA512

92fd11798a521a77c0342725b660a3b47618b9c55b9857f175b0fd2ed82a56eed864f9753edaa19a8be9421b16e40fbd4a1fa4d498f3f32f98034f42bcbacf6b
SSDEEP

3072:fd1QA8ECt/gatf1lbpIamJqilNCwCTyY7Ni+t6gWR+pH3jWzJzY:11QBE6g6fDtclNGTycLxM+pH3yzJzY

Score

N/A

Malware Config

Signatures

Files

7e963bfba497bd74bf5650c215ba978bcaa20bd8578fb2e05d06623b724ffba1
.exe windows x86

c7ef8e8569dca74998485470f269bfee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDCA
DeleteObject
GetStockObject
StretchBlt
GetObjectA
SelectObject
BitBlt
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
SetStretchBltMode
CreateCompatibleDC
PatBlt
SetDIBits

avifil32

AVISaveOptions
AVIMakeCompressedStream

shlwapi

PathFileExistsW
PathFileExistsA
StrStrIW

user32

BringWindowToTop
DefWindowProcA
DispatchMessageA
AttachThreadInput
FillRect
GetClientRect
SetParent
GetDesktopWindow
RegisterClassA
CopyRect
EqualRect
EnableWindow
ReleaseDC
wsprintfA
SendMessageA
IsWindow
GetDC
SetRect
TranslateMessage
PeekMessageA
PostMessageA
InflateRect
InvalidateRect
UnregisterClassA

shell32

SHGetSpecialFolderPathA

kernel32

GlobalUnlock
GlobalFree
ReadFile
WaitForMultipleObjectsEx
GetSystemTimeAsFileTime
lstrlenA
GetModuleFileNameW
DeviceIoControl
GetModuleFileNameA
GetFileAttributesA
CloseHandle
GlobalLock
CreateFileA
InterlockedDecrement
GetVolumeInformationA
GetTempPathA
SetFilePointer
LocalAlloc
GetProcessId
QueryPerformanceCounter
GetCurrentThreadId
GetVersionExA
CopyFileA
SetFileAttributesA
InitializeCriticalSection
GetSystemTime
MultiByteToWideChar
EnumResourceTypesA
VirtualFree
DisableThreadLibraryCalls
GetCurrentProcessId
ExitProcess
InterlockedIncrement
LocalFree
WaitForSingleObject
VirtualAlloc
CreateMutexA
DeleteFileA
WideCharToMultiByte
GetFileSize
GetLastError
CreateDirectoryA
CreateFileW
ReleaseMutex
GetTempFileNameA
GetTickCount
DeleteCriticalSection
Sleep
FreeLibrary

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoInitialize
CreateItemMoniker
StgCreateDocfile
StgOpenStorage
CoSetProxyBlanket
CoUninitialize
GetRunningObjectTable
CoTaskMemFree

advapi32

RegOpenKeyExA
RegSetValueA
RegCreateKeyExA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7ef8e8569dca74998485470f269bfee

Headers

File Characteristics

Imports

gdi32

avifil32

shlwapi

user32

shell32

kernel32

ole32

advapi32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 74KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 74KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 124KB