97cdffcadc4b274a6908c80cc642feb1eec06fb9910b8460146906f65837d6f7

Sharing

Copy URL Twitter E-mail

General

Target

97cdffcadc4b274a6908c80cc642feb1eec06fb9910b8460146906f65837d6f7
Size

44KB
MD5

1a840db9fe1ba7d4e974b522d5bfa4be
SHA1

49d082f890ecccd94ab80521b65ac95f17a6a196
SHA256

97cdffcadc4b274a6908c80cc642feb1eec06fb9910b8460146906f65837d6f7
SHA512

2197ef3d638180afd97e88f1e053d712beba8b4379b9f7f5bf31f4a0f14f32045d0859805ab6083309f5fdd0e560b7f9d172cf75e0553a401cda81e0225e4949
SSDEEP

768:0UQZEeKyhTMwNy33yN3En4kGey74ylZM0SP1WzUgbA+uzNSG3:0ZhTMD3M+A97LM0IbgbWzQs

Score

N/A

Malware Config

Signatures

Files

97cdffcadc4b274a6908c80cc642feb1eec06fb9910b8460146906f65837d6f7
.zip
Mark Heuschkel Ihre Rechnung für Abo-Paket von Video Service GmbH.com
.exe windows x86

0727bac5f83b0c389311d402c9d0577e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameW
AddVectoredExceptionHandler
BuildCommDCBA
CreateDirectoryA
CreateProcessInternalA
EnumDateFormatsA
EnumUILanguagesA
ExitProcess
FindFirstVolumeMountPointW
FreeUserPhysicalPages
GetAtomNameA
GetCommMask
GetCompressedFileSizeA
GetConsoleAliasesA
GetConsoleTitleW
GetCurrentProcess
GetDefaultCommConfigW
GetDllDirectoryA
GetLogicalDriveStringsA
GetModuleHandleA
GetNamedPipeHandleStateA
GetNumaHighestNodeNumber
GetProfileIntW
GetSystemRegistryQuota
GetTempFileNameA
GetTempPathA
GetThreadSelectorEntry
GetTimeFormatA
InterlockedIncrement
IsBadHugeWritePtr
IsProcessorFeaturePresent
IsWow64Process
LocalShrink
RequestDeviceWakeup
SetConsolePalette
SetErrorMode
SetFilePointer
SetUnhandledExceptionFilter
WaitForMultipleObjects
WriteConsoleOutputA

user32

ChangeClipboardChain
CharUpperBuffA
DdeConnectList
DdeGetData
EditWndProc
GetClassNameA
GetDC
GetDesktopWindow
GetKeyboardLayout
GetLastActivePopup
GetMenuItemRect
GetNextDlgGroupItem
GetWindowRect
IsCharLowerA
KillTimer
PostMessageA
ReasonCodeNeedsBugID
SetWindowRgn
ShowScrollBar
TranslateMDISysAccel

gdi32

DdEntry42
EngTransparentBlt
FONTOBJ_pvTrueTypeFontFile
GdiValidateHandle
GetClipBox
GetHFONT
GetTextExtentPointA

ntdll

LdrFlushAlternateResourceModules
NtQueryVolumeInformationFile
RtlAbsoluteToSelfRelativeSD
RtlAddAccessDeniedObjectAce
RtlAddCompoundAce
RtlAllocateAndInitializeSid
RtlAreAnyAccessesGranted
RtlCaptureContext
RtlConvertSidToUnicodeString
RtlCreateUserProcess
RtlCreateUserThread
RtlDeNormalizeProcessParams
RtlExtendedIntegerMultiply
RtlExtendedMagicDivide
RtlFindClearRuns
RtlGetUnloadEventTrace
RtlGetUserInfoHeap
RtlIpv4AddressToStringExW
RtlQueryInformationActiveActivationContext
RtlSecondsSince1980ToTime
RtlTimeToSecondsSince1970
RtlValidSid
ZwAddAtom
ZwCreateJobObject
ZwGetDevicePowerState
ZwInitiatePowerAction
ZwQueryAttributesFile
ZwQueryFullAttributesFile
ZwSignalAndWaitForSingleObject
ZwWaitForDebugEvent
_i64toa

Sections

.tadhk
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hyi
Size: 3KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0727bac5f83b0c389311d402c9d0577e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ntdll

Sections

.tadhk Size: 40KB - Virtual size: 40KB

.hyi Size: 3KB - Virtual size: 27KB

.tadhk
Size: 40KB - Virtual size: 40KB

.hyi
Size: 3KB - Virtual size: 27KB