64d91809e481c2fa5088f766ab6ff6548d32fd5731958f506755f0c0ad471b89

Sharing

Copy URL Twitter E-mail

General

Target

64d91809e481c2fa5088f766ab6ff6548d32fd5731958f506755f0c0ad471b89
Size

188KB
MD5

07e2d5890c84ea474e2c73e17157ed70
SHA1

552a3a1af608d7fbcf30d891f8f099fa9987f77c
SHA256

64d91809e481c2fa5088f766ab6ff6548d32fd5731958f506755f0c0ad471b89
SHA512

766e86949db8549335b5b38a4cd6d5fe9506840df34da3aebb858deaa2ffac0445eaef0d330bf7a62ddc977f60fa07af7481818eeea4c1ee825f0dcec03e584e
SSDEEP

3072:ubtGunGro9EKYapO1h1tD2p33vltN9Dx3O143nGAgUW3aQk4QxDN:ItQ8vYawz237U43nGAS3Zk4Q3

Score

N/A

Malware Config

Signatures

Files

64d91809e481c2fa5088f766ab6ff6548d32fd5731958f506755f0c0ad471b89
.dll windows x86

d5644a5de6513243036a255b80f71401

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIFileRelease
AVIStreamRelease
AVIStreamSetFormat
AVIMakeCompressedStream
AVISaveOptions
AVIFileCreateStreamA
AVIStreamWrite
AVIStreamGetFrameOpen
AVIStreamStart
AVIFileGetStream
AVIStreamGetFrameClose
AVIFileOpenA
AVIFileInfoA
AVIStreamGetFrame
AVIFileInit
AVIFileExit

user32

GetDC
GetDesktopWindow
SetRect
ReleaseDC

gdi32

DeleteObject
SelectObject
SetDIBits
CreateCompatibleDC
CreateDIBSection
DeleteDC
GetObjectA

binkw32

_BinkWait@4
_BinkDoFrame@4
_BinkShouldSkip@4
_BinkNextFrame@4
_BinkClose@4
_BinkSetSoundTrack@8
_BinkOpen@8
_BinkSetMixBinVolumes@20
_BinkSetVolume@12
_BinkGetTrackID@8
_BinkOpenWaveOut@4
_BinkOpenMiles@4
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkSetMemory@8
_BinkPause@8
_BinkGetFrameBuffersInfo@8
_BinkGoto@12
_BinkRegisterFrameBuffers@8

tier0

Msg
Warning
Error
g_pMemAlloc
AssertValidStringPtr
_AssertValidWritePtr
_AssertValidReadPtr
?Lock@CThreadFastMutex@@ACEXII@Z
?DevMsg@@YAXPBDZZ

vstdlib

KeyValuesSystem

kernel32

FlushFileBuffers
CreateFileA
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
InitializeCriticalSection
GetLocaleInfoA
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
CloseHandle
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW

Exports

Exports

CreateInterface

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5644a5de6513243036a255b80f71401

Headers

File Characteristics

Imports

avifil32

user32

gdi32

binkw32

tier0

vstdlib

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 21KB

.reloc Size: 12KB - Virtual size: 10KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 21KB

.reloc
Size: 12KB - Virtual size: 10KB

.rmnet
Size: 60KB - Virtual size: 60KB