0891e6b0571dd1e4afa875594bdc49261f16057eca5b363577530cfc85798137

Sharing

Copy URL Twitter E-mail

General

Target

0891e6b0571dd1e4afa875594bdc49261f16057eca5b363577530cfc85798137
Size

181KB
MD5

115b904e9bab644d3fc7473317a12276
SHA1

6b5521f3db3af3665904260b4f4b6e05dc1e1fed
SHA256

0891e6b0571dd1e4afa875594bdc49261f16057eca5b363577530cfc85798137
SHA512

32f2f5cf911d492d6d8d4b4a6c9c4f01da9eb441b69636d94224c78c7bffc95ffbe70ef418c17d803508aa0220335a35cfb8edf28f3391e037b70bde085275e4
SSDEEP

3072:U25XJG1Vcpe2l/ApO+tyhHPPJf1a8RCRhZLYnoJQLXMtHT:L5ZGKe4hHP69JF+TMh

Score

N/A

Malware Config

Signatures

Files

0891e6b0571dd1e4afa875594bdc49261f16057eca5b363577530cfc85798137
.exe windows x86

9b6c0af4318c838253781a9d65406ebc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

winmm

timeGetTime

kernel32

GetModuleFileNameA
CloseHandle
OutputDebugStringA
FindNextFileW
LocalAlloc
DeleteFileW
CreateMutexA
WaitNamedPipeA
InitializeCriticalSection
EnterCriticalSection
InterlockedExchange
GetTempPathA
CreateDirectoryA
LeaveCriticalSection
GetLocaleInfoA
GetVersionExW
TerminateProcess
FindClose
GetSystemTime
SetFileAttributesW
FindFirstFileW
GetProcessAffinityMask
SetFileAttributesA
GetTempFileNameA
GetTempFileNameW
FreeLibrary
LocalFree
CreateDirectoryW
DeleteCriticalSection
DisableThreadLibraryCalls
GetLastError
WideCharToMultiByte
DeleteFileA
ReleaseMutex
lstrlenW
CopyFileA
EnumResourceTypesW
GetTickCount
InterlockedIncrement
LoadLibraryW
GetVersionExA
GetFileAttributesA
ReadFile
WriteFile
GetACP
GetProcAddress
CreateFileA
QueryPerformanceCounter
OutputDebugStringW
SetFilePointer
lstrlenA
GetTempPathW
GetThreadLocale
GetCurrentProcessId
Sleep
InterlockedDecrement
GetModuleFileNameW
MulDiv
RemoveDirectoryW
MultiByteToWideChar
GetCurrentThreadId
WaitForSingleObject
GetSystemTimeAsFileTime

user32

SetRectEmpty
OffsetRect
IsRectEmpty
FillRect
ReleaseDC
GetClientRect
wsprintfW
CopyRect
TranslateMessage
GetDC
DispatchMessageW
PeekMessageW
GetWindowRect

shlwapi

PathAppendW
PathRenameExtensionW
PathFileExistsA
PathRemoveBackslashW
PathAddBackslashW
PathCombineW
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b6c0af4318c838253781a9d65406ebc

Headers

File Characteristics

Imports

avifil32

winmm

kernel32

user32

shlwapi

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 124KB