72cee6b7c7316baabb3d08a869026ec385354c46ea9ecbe8c16ae4bcac8d6005

Sharing

Copy URL

Twitter E-mail

General

Target

72cee6b7c7316baabb3d08a869026ec385354c46ea9ecbe8c16ae4bcac8d6005
Size

441KB
MD5

22eb0502587f452142537f6b54c1e9c0
SHA1

0ec5fc20a5969e556253a5085abd30ba23acf694
SHA256

72cee6b7c7316baabb3d08a869026ec385354c46ea9ecbe8c16ae4bcac8d6005
SHA512

47f0c4f8c70a8f36b12dd17bc5bef60a5afc5751d3ce56f557a9e8d4973077a2dfd09093c122d7c6fe4b1ba77532f25d53fb61d2738ffac4cd4bc6e18c22591b
SSDEEP

12288:q+Ia0MLQxfquHY/asaH3fNRYu6gRH60+W:t5FQxPooFRYGH60H

Score

N/A

Malware Config

Signatures

Files

72cee6b7c7316baabb3d08a869026ec385354c46ea9ecbe8c16ae4bcac8d6005
.exe windows x86

b357f9ca86a2ae01242bca86e7138618

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

SetStdHandle
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
Sleep
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileW
CompareStringW
GetLastError
GetTimeZoneInformation
CreateThread
CloseHandle
SetEvent
CreateEventA
WaitForSingleObject
CreateFileA
WriteFile
HeapCreate
CreateDirectoryA
FindFirstFileA
lstrcpyA
lstrcatA
CopyFileA
GetFileAttributesA
SetFileAttributesA
FindNextFileA
FindClose
SetFilePointerEx
ReadFile
GetCurrentThreadId
GlobalAlloc
EncodePointer
SetEnvironmentVariableA
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
GlobalLock
GlobalUnlock
HeapFree
HeapAlloc
GetStartupInfoW
FormatMessageA
DeviceIoControl
HeapSetInformation
GetCommandLineA
FindFirstFileExA
FileTimeToLocalFileTime
lstrcmpiA
FileTimeToSystemTime
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
WideCharToMultiByte
RtlUnwind
RaiseException
GetConsoleWindow
GetModuleHandleA
EnterCriticalSection

user32

wsprintfA
EndPaint
BeginPaint
GetDlgItem
GetWindow
GetWindowLongA
GetClassNameA
EnumDisplayMonitors
GetSystemMenu
DeleteMenu
GetSysColorBrush
LoadCursorA
DestroyWindow
DestroyMenu
TrackPopupMenu
GetSubMenu
LoadMenuA
CallWindowProcA
MessageBoxA
GetClientRect
SetWindowTextW
EnumDisplaySettingsA
CreatePopupMenu
InsertMenuItemA
CopyRect
FillRect
GetParent
SendMessageA
GetSystemMetrics
DefWindowProcA
CreateWindowExW
PostQuitMessage
EnableMenuItem
PostMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindowDC
GetWindowRect
GetCursorInfo
GetCursorPos
WindowFromPoint
GetCursor
GetWindowThreadProcessId
AttachThreadInput
DestroyAcceleratorTable
GetDlgItemTextW
MoveWindow
GetDC
ReleaseDC
DialogBoxParamA

gdi32

RestoreDC
BitBlt
TextOutA
ChoosePixelFormat
SetPixelFormat
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetTextExtentPoint32A
GetDIBits
DeleteDC
DeleteObject
GetObjectA
CreatePen
CreateSolidBrush
Ellipse
GetStockObject
GetCurrentPositionEx
MoveToEx
LineTo
Rectangle
CreateFontIndirectA
SaveDC
GetDeviceCaps
CreateFontA

comdlg32

GetOpenFileNameW
CommDlgExtendedError

ole32

StringFromCLSID
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoUninitialize
CoInitialize
MkParseDisplayName
CoTaskMemFree
CreateBindCtx

avifil32

AVIFileInit
AVIFileExit
AVIStreamOpenFromFileA
AVIMakeCompressedStream
AVIStreamSetFormat
AVIStreamInfoA

msvfw32

ICInfo
ICClose
ICGetInfo
ICOpen
ICCompressorChoose

winmm

mmioOpenA
mmioStringToFOURCCA
mmioDescend
mmioClose

shlwapi

PathFileExistsA
PathFindExtensionA
StrRChrA
StrRetToStrA

pdh

PdhOpenQueryA
PdhAddCounterW
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhCloseQuery

imm32

ImmGetContext
ImmReleaseContext
ImmGetCompositionStringA

msi

ord40

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.port
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fast
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.base
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b357f9ca86a2ae01242bca86e7138618

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ole32

avifil32

msvfw32

winmm

shlwapi

pdh

imm32

msi

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 12KB

.port Size: 126KB - Virtual size: 125KB

.fast Size: 39KB - Virtual size: 39KB

.edata Size: 16KB - Virtual size: 15KB

.base Size: 66KB - Virtual size: 65KB

.ddata Size: 11KB - Virtual size: 11KB

.rsrc Size: 78KB - Virtual size: 77KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 12KB

.port
Size: 126KB - Virtual size: 125KB

.fast
Size: 39KB - Virtual size: 39KB

.edata
Size: 16KB - Virtual size: 15KB

.base
Size: 66KB - Virtual size: 65KB

.ddata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 78KB - Virtual size: 77KB