794129e6525495a01d888ac4f03378fc6dc7f48abf842c1af7dd455a201ac49c

Sharing

Copy URL

Twitter E-mail

General

Target

794129e6525495a01d888ac4f03378fc6dc7f48abf842c1af7dd455a201ac49c
Size

125KB
MD5

0d877e5596148ea2518276010d825392
SHA1

6673b830650834db609dbcaff8c6bedb77bd701e
SHA256

794129e6525495a01d888ac4f03378fc6dc7f48abf842c1af7dd455a201ac49c
SHA512

16fcd229c5bc7f8a5ddb1096b6169581ee3efee203b8a027f0ba914d4796d6b5aaa418e83f90a862f530d838c0be8861a394a2496b8a4a3bea1a52f85bb4c9eb
SSDEEP

3072:T3tNkPGemOiwVn8ixLBlzies0k1NLYMm6oa+mUpsW:Td4mOpthY1lYMBGp

Score

N/A

Malware Config

Signatures

Files

794129e6525495a01d888ac4f03378fc6dc7f48abf842c1af7dd455a201ac49c
.exe windows x86

0dae944ec1b47ddb3d8dc25d50a07e04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
WaitForSingleObject
Sleep
LoadLibraryA
GetModuleHandleW
FindResourceW
QueryPerformanceCounter
BuildCommDCBA
GetSystemTimeAsFileTime
WaitNamedPipeW
InitializeCriticalSection
IsDebuggerPresent
VirtualAlloc
CreateThread
CloseHandle
EnterCriticalSection
GetCurrentThreadId
CreateEventW
LeaveCriticalSection
InterlockedIncrement
LoadLibraryW
OutputDebugStringW
SetUnhandledExceptionFilter
FreeLibrary
InterlockedDecrement
SetLastError
WideCharToMultiByte
SetEvent
CreateMutexW
GetModuleFileNameW
lstrlenW
HeapAlloc
GetLastError
InterlockedExchange
lstrcmpiW
MultiByteToWideChar
InterlockedCompareExchange
LoadResource
FlushInstructionCache
IsProcessorFeaturePresent
GetStartupInfoW
GetVersionExW
ResetEvent
DeleteCriticalSection
FormatMessageW
ReleaseMutex
LocalFree
UnhandledExceptionFilter
RaiseException
TerminateProcess
LoadLibraryExW
ExitProcess
GetCurrentProcessId
WaitForMultipleObjects
GetProcAddress
GetProcessHeap
HeapFree
SizeofResource
CheckRemoteDebuggerPresent
GetVersion
VirtualProtect
GetPriorityClass
ClearCommBreak
GetTickCount
SetCommBreak
GetCurrentProcess
lstrlenA
TerminateThread

user32

PostQuitMessage
SetTimer
DestroyWindow
FillRect
DefWindowProcW
IsMenu
LoadMenuW
CreatePopupMenu
GetClassInfoExW
DrawIconEx
GetCursorPos
DrawTextW
IsWindow
CallWindowProcW
DispatchMessageW
GetDoubleClickTime
GetMenuItemInfoW
LoadCursorW
LoadImageW
DeleteMenu
LoadStringW
RegisterClassExW
SetWindowLongW
TranslateMessage
GetSysColor
CharNextW
GetSysColorBrush
UnregisterClassA
FindWindowW
DestroyMenu
SystemParametersInfoW
SetMenuItemInfoW
GetWindowLongW
DestroyIcon
CreateWindowExW
KillTimer
RegisterWindowMessageW
GetMenuItemCount
SetForegroundWindow
AppendMenuW
GetSystemMetrics
ReleaseDC
TrackPopupMenu
SetMenuDefaultItem
GetSubMenu
PostMessageW
GetDC
GetMessageW

gdi32

SetTextColor
SetBkColor
CreateFontIndirectW
DeleteObject
SelectObject

advapi32

RegEnumValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
GetUserNameA
RegQueryValueExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc

oleaut32

VarUI4FromStr

avifil32

EditStreamPaste

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dae944ec1b47ddb3d8dc25d50a07e04

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

avifil32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 36KB - Virtual size: 65KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 36KB - Virtual size: 65KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB