5642463bcc6ad92612294f0898f570b08ed08a4a20f840294467e959cd4a5c4f

Sharing

Copy URL Twitter E-mail

General

Target

5642463bcc6ad92612294f0898f570b08ed08a4a20f840294467e959cd4a5c4f
Size

27KB
MD5

000e19c326da389db76759ee1e6aa0e1
SHA1

789c35144cf73a1814930268fb4ee34831e5c626
SHA256

5642463bcc6ad92612294f0898f570b08ed08a4a20f840294467e959cd4a5c4f
SHA512

9c9d5c70a00d1841a42692c15bc6e617161f329e407a88500d454cb56eab989c468e6b5d64797c7ad58c41784b6d64247e4524573299eabb382ed1e7b459a818
SSDEEP

768:kuwWnsjimLtFSJqilHHppMPQuM5ccz5n2lAnfHFNZffd:kCsjigFSMilnv/uUccz5K+xffd

Score

N/A

Malware Config

Signatures

Files

5642463bcc6ad92612294f0898f570b08ed08a4a20f840294467e959cd4a5c4f
.exe windows x86

3e39e7f6ae051d320e2e7e912687d316

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
LoadLibraryA
ReadFile
SetHandleCount
GetTickCount
GetStringTypeW
DeleteCriticalSection
WriteFile
GetLocaleInfoW
HeapReAlloc
lstrcpyA
GetVersionExA
FreeEnvironmentStringsA
IsValidLocale
GetEnvironmentStrings
lstrlenA
GetModuleFileNameA
HeapDestroy
TerminateProcess
HeapAlloc
CloseHandle
GetCommandLineA
GetStdHandle
GetSystemInfo
InterlockedDecrement
HeapFree
GetFileType
InitializeCriticalSection
GetACP
GetEnvironmentStringsW
InterlockedIncrement
InterlockedExchange
EnterCriticalSection
GetCurrentProcess
SetEndOfFile
QueryPerformanceCounter
GetUserDefaultLCID
FlushFileBuffers
RaiseException
LCMapStringW
GetCurrentProcessId
SetFilePointer
VirtualProtect
HeapCreate
WideCharToMultiByte
CreateFileA
GetModuleHandleA
GetStringTypeA
SetLastError
TlsFree
lstrlenW
OutputDebugStringA
GetCurrentThreadId
GetLocaleInfoA
HeapSize
GetOEMCP
GetProcessHeap
VirtualAlloc
SetUnhandledExceptionFilter
GetStartupInfoA
LeaveCriticalSection
TlsAlloc
GetSystemTimeAsFileTime
IsValidCodePage
GetLastError
TlsGetValue
GetCPInfo
SetStdHandle
VirtualQuery
Sleep
FreeEnvironmentStringsW
EnumSystemLocalesA
ExitProcess
LCMapStringA
GetProcAddress
TlsSetValue
MultiByteToWideChar

msvcrt

_chdir
exit
_beginthread
_beep

user32

wvsprintfA
ReleaseDC
wsprintfA
OffsetRect
GetDC
GetDesktopWindow
LoadStringA

ntdll

RtlUnwind

advapi32

RegOpenKeyExA
RegQueryValueExA

avifil32

AVIFileInfo

urlmon

URLOpenBlockingStreamW
URLOpenBlockingStreamA

gdi32

CreateCompatibleDC
CreateDIBSection
SelectObject
GetDIBits
DeleteDC
GetPaletteEntries
GetObjectA
CreateCompatibleBitmap
DeleteObject

activeds

FreeADsMem

Sections

.textbss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e39e7f6ae051d320e2e7e912687d316

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

ntdll

advapi32

avifil32

urlmon

gdi32

activeds

Sections

.textbss Size: - Virtual size: 80KB

.idata Size: 21KB - Virtual size: 21KB

.text Size: 512B - Virtual size: 504B

.rsrc Size: 4KB - Virtual size: 72KB

.textbss
Size: - Virtual size: 80KB

.idata
Size: 21KB - Virtual size: 21KB

.text
Size: 512B - Virtual size: 504B

.rsrc
Size: 4KB - Virtual size: 72KB