2f61415b77d45e6a73683e0336ac73da080e899dc7016b6f3283f54e0b868fd6

Sharing

Copy URL Twitter E-mail

General

Target

2f61415b77d45e6a73683e0336ac73da080e899dc7016b6f3283f54e0b868fd6
Size

164KB
MD5

0ba75bb5c717003bc69aba01780a5601
SHA1

6b5953b01ffd57e3a8bc1eb124b76207c0f6ffcc
SHA256

2f61415b77d45e6a73683e0336ac73da080e899dc7016b6f3283f54e0b868fd6
SHA512

e11fa81a17e0da932a45d480be6fd64f8e82e32232fdb7c83f15bd28f923a26724f6760d13c0777db67cd03261ec79e29b476092aee138b3d759302380f4a67c
SSDEEP

3072:s3+/zzdsyC7jA9vGMg1Obuqd6XZafyrlA24HObYy2YxQJ6EJEXBr:RdN4c9v8kn6pa65Ad4cYxlIE

Score

N/A

Malware Config

Signatures

Files

2f61415b77d45e6a73683e0336ac73da080e899dc7016b6f3283f54e0b868fd6
.exe windows x86

979d19ac7eb29afb9f36b2bc12a77086

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
SHGetMalloc
SHGetFileInfoW

user32

IsWindow
DrawTextW
UnionRect
SetTimer
CopyRect
LoadCursorW
GetSysColor
GetSystemMetrics
TrackPopupMenuEx
SetCapture
wsprintfW
ReleaseCapture
ShowScrollBar
SendMessageW
SetRectEmpty
GetParent
SetCursor
DrawFocusRect
CreatePopupMenu
FillRect
LoadImageW
OffsetRect
GetWindowRect
GetSysColorBrush
SetFocus
ClientToScreen
SetRect
PtInRect
GetClientRect
KillTimer
ScreenToClient
PostMessageW
DestroyMenu
SetWindowLongW
IsWindowVisible
UpdateWindow
BringWindowToTop
SetForegroundWindow
FindWindowExW
GetDC
EqualRect
IsRectEmpty
GetWindowLongW
GetDesktopWindow
FrameRect
GetCursorPos
GetActiveWindow
ReleaseDC
IntersectRect
InflateRect
EnableWindow
DefWindowProcW
InvalidateRect

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyW
RegSetValueExW
RegEnumKeyExW
RegSetValueW
RegDeleteKeyW

kernel32

ResetEvent
GetLastError
WaitForSingleObject
InterlockedIncrement
Sleep
ReplaceFileW
MulDiv
EnterCriticalSection
CreateThread
GetTickCount
FileTimeToSystemTime
GetProcessId
GetModuleHandleW
QueryPerformanceCounter
FindClose
GlobalReAlloc
GetProcAddress
GetACP
FindFirstChangeNotificationW
CreateEventW
GlobalLock
GetModuleFileNameA
lstrlenA
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
InterlockedExchange
FindCloseChangeNotification
FindFirstFileW
GetDriveTypeW
EnumResourceTypesA
GetCurrentThreadId
GetSystemTimeAsFileTime
GlobalUnlock
CloseHandle
MultiByteToWideChar
ExitProcess
FindNextChangeNotification
GetVersionExW
GlobalAlloc
DeleteCriticalSection
InterlockedDecrement
GetFullPathNameW
DisableThreadLibraryCalls
lstrcpynW
FreeLibrary
SetEvent
GetLocaleInfoA
GetCurrentProcessId
WideCharToMultiByte
GetThreadLocale
FileTimeToLocalFileTime
GetVersionExA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

979d19ac7eb29afb9f36b2bc12a77086

Headers

File Characteristics

Imports

ole32

avifil32

shell32

user32

advapi32

kernel32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 63KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 63KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 104KB