2063d4e84efefada7ab109927adf12b04ef2a9d6553bff67ec04668896f0957b

Sharing

Copy URL Twitter E-mail

General

Target

2063d4e84efefada7ab109927adf12b04ef2a9d6553bff67ec04668896f0957b
Size

166KB
MD5

92e56c6ab1a0c69a9bc0b4ddcd75d9a5
SHA1

6bd770c15288344d17efe5690bd1217c1038817d
SHA256

2063d4e84efefada7ab109927adf12b04ef2a9d6553bff67ec04668896f0957b
SHA512

b2d0ae673eee36f7561fe45206dc505453d4a21d5a07006b0d8e2ea7cc315a6dc0c1275761d3f36cd3b535013e43ad9a0c570b014c0881a5b3bee3544821ac44
SSDEEP

3072:jtGqRRuT30UGeSgItLM3oNG2+o78g8ze8grXqz8mIMAJDYlIyYBoXFBkm:QqRRuT30HtAYNv9Yg8zdz8mcJD+IFBoZ

Score

N/A

Malware Config

Signatures

Files

2063d4e84efefada7ab109927adf12b04ef2a9d6553bff67ec04668896f0957b
.exe windows x86

c5c5fc842aba4af091403e864dd902ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

advapi32

RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegSetValueW
RegCreateKeyW
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA

gdi32

SelectObject
CreateBitmap
GetDIBits
GetObjectType
DeleteDC
StretchBlt
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
CreateSolidBrush
SetBrushOrgEx
BitBlt
CreateDCW
CreateDIBSection
SetBkColor
DeleteObject
SetStretchBltMode

kernel32

CopyFileA
ReleaseMutex
GetTempPathW
GetSystemTime
DeleteFileW
WaitForMultipleObjects
LoadLibraryW
QueryPerformanceCounter
lstrlenW
GetLocaleInfoA
InterlockedExchange
SetFilePointer
GetTempFileNameA
CreateDirectoryW
FindFirstFileW
CreateFileA
GetModuleFileNameW
GetFileAttributesA
Sleep
InterlockedIncrement
GetProcessPriorityBoost
FindNextFileW
WriteFile
DeleteCriticalSection
GetACP
SetFileAttributesW
EnumResourceTypesW
DisableThreadLibraryCalls
GetTickCount
CreateMutexA
GetThreadLocale
InterlockedDecrement
GetTempPathA
OutputDebugStringA
CloseHandle
MultiByteToWideChar
GetVersionExA
MulDiv
ExitProcess
GetCurrentProcessId
GetTempFileNameW
ReadFile
FindClose
LeaveCriticalSection
WaitForSingleObject
lstrlenA
CreateDirectoryA
InitializeCriticalSection
RemoveDirectoryW
LocalAlloc
GetModuleFileNameA
WideCharToMultiByte
GetVersionExW
EnterCriticalSection
LocalFree
GetCurrentThreadId
GetProcAddress
SetFileAttributesA
OutputDebugStringW
FreeLibrary
DeleteFileA
GetLastError
GetSystemTimeAsFileTime

shell32

SHGetSpecialFolderPathA

shlwapi

PathRenameExtensionW
PathFileExistsA
PathAddBackslashW
PathRemoveBackslashW
PathIsDirectoryW
PathFileExistsW
PathCombineW
PathAppendW
PathRemoveFileSpecW

user32

TranslateMessage
CopyRect
OffsetRect
SetRectEmpty
GetClientRect
IsRectEmpty
ReleaseDC
GetDC
DispatchMessageW
wsprintfW
FillRect
PeekMessageW
GetWindowRect

winmm

timeGetTime

ole32

CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries
CoUninitialize
CoInitialize

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5c5fc842aba4af091403e864dd902ad

Headers

File Characteristics

Imports

avifil32

advapi32

gdi32

kernel32

shell32

shlwapi

user32

winmm

ole32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 100KB