de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842

Sharing

Copy URL

Twitter E-mail

General

Target

de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842
Size

125KB
MD5

93e0190fb027672f386ddce1b0737503
SHA1

e2b3d325a2ed0f9224815141d00970510fc527ef
SHA256

de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842
SHA512

84d1cad7e3df859d711ba5a54d9a3938417758ba14ab0bb9c45d419d7d876996cf2a10f992e460d4ec80355152c0019332b3cc7e34c6f6903833ad0139b3fa33
SSDEEP

3072:HTh+VUnCPMTADCcjKZxzYrm8Xp5fs9YxIJF:HAoCP0ACBzYXp5E9YqJ

Score

N/A

Malware Config

Signatures

Files

de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842
.exe windows x86

0dae944ec1b47ddb3d8dc25d50a07e04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
WaitForSingleObject
Sleep
LoadLibraryA
GetModuleHandleW
FindResourceW
QueryPerformanceCounter
BuildCommDCBA
GetSystemTimeAsFileTime
WaitNamedPipeW
InitializeCriticalSection
IsDebuggerPresent
VirtualAlloc
CreateThread
CloseHandle
EnterCriticalSection
GetCurrentThreadId
CreateEventW
LeaveCriticalSection
InterlockedIncrement
LoadLibraryW
OutputDebugStringW
SetUnhandledExceptionFilter
FreeLibrary
InterlockedDecrement
SetLastError
WideCharToMultiByte
SetEvent
CreateMutexW
GetModuleFileNameW
lstrlenW
HeapAlloc
GetLastError
InterlockedExchange
lstrcmpiW
MultiByteToWideChar
InterlockedCompareExchange
LoadResource
FlushInstructionCache
IsProcessorFeaturePresent
GetStartupInfoW
GetVersionExW
ResetEvent
DeleteCriticalSection
FormatMessageW
ReleaseMutex
LocalFree
UnhandledExceptionFilter
RaiseException
TerminateProcess
LoadLibraryExW
ExitProcess
GetCurrentProcessId
WaitForMultipleObjects
GetProcAddress
GetProcessHeap
HeapFree
SizeofResource
CheckRemoteDebuggerPresent
GetVersion
VirtualProtect
GetPriorityClass
ClearCommBreak
GetTickCount
SetCommBreak
GetCurrentProcess
lstrlenA
TerminateThread

user32

PostQuitMessage
SetTimer
DestroyWindow
FillRect
DefWindowProcW
IsMenu
LoadMenuW
CreatePopupMenu
GetClassInfoExW
DrawIconEx
GetCursorPos
DrawTextW
IsWindow
CallWindowProcW
DispatchMessageW
GetDoubleClickTime
GetMenuItemInfoW
LoadCursorW
LoadImageW
DeleteMenu
LoadStringW
RegisterClassExW
SetWindowLongW
TranslateMessage
GetSysColor
CharNextW
GetSysColorBrush
UnregisterClassA
FindWindowW
DestroyMenu
SystemParametersInfoW
SetMenuItemInfoW
GetWindowLongW
DestroyIcon
CreateWindowExW
KillTimer
RegisterWindowMessageW
GetMenuItemCount
SetForegroundWindow
AppendMenuW
GetSystemMetrics
ReleaseDC
TrackPopupMenu
SetMenuDefaultItem
GetSubMenu
PostMessageW
GetDC
GetMessageW

gdi32

SetTextColor
SetBkColor
CreateFontIndirectW
DeleteObject
SelectObject

advapi32

RegEnumValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
GetUserNameA
RegQueryValueExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc

oleaut32

VarUI4FromStr

avifil32

EditStreamPaste

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dae944ec1b47ddb3d8dc25d50a07e04

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

avifil32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 36KB - Virtual size: 98KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 36KB - Virtual size: 98KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB