f85a097e514f8f39474ba4b9e7105a8793e43353d42fb48820d9c699556accb7

Sharing

Copy URL

Twitter E-mail

General

Target

f85a097e514f8f39474ba4b9e7105a8793e43353d42fb48820d9c699556accb7
Size

182KB
MD5

0663298436b95108dcf5b7e025658aea
SHA1

21c2f9406417d8eb886ffa8864f40f5a7e8d660d
SHA256

f85a097e514f8f39474ba4b9e7105a8793e43353d42fb48820d9c699556accb7
SHA512

12679890a241557023fcab6812a52028ed65710973f522e15bade5a6ab619676475aaca8c69d75fa807bdc4dd8b51b9e42731041bc45223bc7e23ae27d63b480
SSDEEP

3072:Oot295rKa/T6IYw/Qjz7S2duI0HnA4v7EVW/YL8Kxp4soFIhf72BQ/tHsvB1apnu:NAKamxw/QbS2MAPW/YL8wbwIIks/apu

Score

N/A

Malware Config

Signatures

Files

f85a097e514f8f39474ba4b9e7105a8793e43353d42fb48820d9c699556accb7
.exe windows x86

5d1f8e1b19728592dcf006d8be1da1ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
GetProcAddress
GetSystemTime
FindFirstFileW
MultiByteToWideChar
LoadLibraryW
Sleep
InterlockedExchange
WaitNamedPipeA
InterlockedDecrement
GetCurrentProcessId
CreateDirectoryW
GetThreadLocale
EnterCriticalSection
CreateDirectoryA
GetLocaleInfoA
GetTempPathA
CreateMutexA
DeleteCriticalSection
ReleaseMutex
DeleteFileA
LeaveCriticalSection
GetVersionExW
lstrlenA
GetProcessAffinityMask
RemoveDirectoryW
OutputDebugStringA
GetModuleFileNameA
SetFileAttributesA
GetTempFileNameA
WideCharToMultiByte
lstrlenW
EnumResourceTypesW
GetTempPathW
CloseHandle
QueryPerformanceCounter
ReadFile
GetCurrentThreadId
SetFileAttributesW
LocalAlloc
GetLastError
FindNextFileW
GetFileAttributesA
FreeLibrary
CopyFileA
FindClose
InterlockedIncrement
GetTempFileNameW
GetVersionExA
MulDiv
CreateFileA
TerminateProcess
DeleteFileW
SetFilePointer
GetModuleFileNameW
WaitForSingleObject
WriteFile
GetTickCount
InitializeCriticalSection
GetACP
LocalFree
DisableThreadLibraryCalls
GetSystemTimeAsFileTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

FillRect
SetRectEmpty
GetClientRect
CopyRect
wsprintfW
TranslateMessage
PeekMessageW
GetDC
DispatchMessageW
OffsetRect
IsRectEmpty
ReleaseDC
GetWindowRect

advapi32

RegEnumKeyExW
RegSetValueExA
RegSetValueExW
RegCloseKey
RegOpenKeyExA
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExA
RegSetValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExA
RegDeleteKeyA

gdi32

SelectObject
GetObjectW
SetBkColor
DeleteObject
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetDIBits
DeleteDC
CreateDIBSection
BitBlt
CreateDCW
GetObjectType
CreateSolidBrush
StretchBlt
SetBrushOrgEx
SetStretchBltMode

winmm

timeGetTime

shlwapi

PathAddBackslashW
PathIsDirectoryW
PathRenameExtensionW
PathAppendW
PathRemoveBackslashW
PathFileExistsA
PathFileExistsW
PathCombineW
PathRemoveFileSpecW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d1f8e1b19728592dcf006d8be1da1ac

Headers

File Characteristics

Imports

kernel32

avifil32

user32

advapi32

gdi32

winmm

shlwapi

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 124KB