5cfbb4d04a5a8f4f9e64aacfba3e462d19a2e224390944fa722ab4d7c5c1746e

Sharing

Copy URL Twitter E-mail

General

Target

5cfbb4d04a5a8f4f9e64aacfba3e462d19a2e224390944fa722ab4d7c5c1746e
Size

164KB
MD5

a2d0844ea699c08c4f87b7882862c735
SHA1

b69587e90cbab772a96f41dde671bcef388a99f6
SHA256

5cfbb4d04a5a8f4f9e64aacfba3e462d19a2e224390944fa722ab4d7c5c1746e
SHA512

30750fbfdb76a6c60e92ec34cfd74ef270685b0d046728575c36a6abaf87ce63858a087edf05c5a93250eabc68c3350f37289e0016186fee229d1056361c7724
SSDEEP

3072:I7hbgf6NS9Scbuhc62t9ue1G2Xw/1/jKKN1UfS+2mpK4YQ:IgicSwoZ27uoG2Xw/ljKK/cS+nGQ

Score

N/A

Malware Config

Signatures

Files

5cfbb4d04a5a8f4f9e64aacfba3e462d19a2e224390944fa722ab4d7c5c1746e
.exe windows x86

951910995276cc3e7f419e4ccd5ec4e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CoFreeUnusedLibraries
CreateItemMoniker
CoUninitialize
StgCreateDocfile
CoInitialize
StringFromGUID2
GetRunningObjectTable
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

gdi32

CreateCompatibleBitmap
GetObjectA
CreateDCA
CreateCompatibleDC
BitBlt
StretchBlt
SelectObject
DeleteObject
SetStretchBltMode
GetStockObject
PatBlt
DeleteDC
CreateDIBSection
SetDIBits

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

GetCurrentThreadId
GetCurrentProcessId
CreateFileA
GlobalFree
QueryPerformanceCounter
WaitForMultipleObjectsEx
GetModuleFileNameW
ReadFile
GetTempFileNameA
VirtualAlloc
lstrlenA
GetVersionExA
DeviceIoControl
GetProcessId
InitializeCriticalSection
DisableThreadLibraryCalls
LocalFree
LocalAlloc
CreateMutexA
GetTempPathA
GetSystemTimeAsFileTime
EnumResourceTypesW
CreateDirectoryA
GetFileAttributesA
GlobalUnlock
GetTickCount
GetFileSize
VirtualFree
WaitForSingleObject
WideCharToMultiByte
SetFileAttributesA
CloseHandle
CopyFileA
Sleep
GetModuleFileNameA
ExitProcess
InterlockedDecrement
DeleteFileA
GetSystemTime
InterlockedIncrement
GetLastError
GlobalLock
MultiByteToWideChar
DeleteCriticalSection
GetVolumeInformationA
CreateFileW
SetFilePointer
ReleaseMutex
FreeLibrary

shlwapi

PathFileExistsA
PathFileExistsW
StrStrIW

advapi32

RegCreateKeyA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyExA
RegSetValueA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA

user32

CopyRect
InflateRect
IsWindow
wsprintfA
ReleaseDC
SetRect
InvalidateRect
DispatchMessageA
SetParent
GetDesktopWindow
GetClientRect
BringWindowToTop
AttachThreadInput
TranslateMessage
EqualRect
FillRect
EnableWindow
DefWindowProcA
GetDC
PeekMessageA
RegisterClassA
PostMessageA
SendMessageA
UnregisterClassA

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

951910995276cc3e7f419e4ccd5ec4e2

Headers

File Characteristics

Imports

ole32

gdi32

avifil32

kernel32

shlwapi

advapi32

shell32

user32

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 100KB