4f0158bc9db2245b36ea0c7d7e8e32912a41e8f865580f384d72cb5537cdd6cd

Sharing

Copy URL

Twitter E-mail

General

Target

4f0158bc9db2245b36ea0c7d7e8e32912a41e8f865580f384d72cb5537cdd6cd
Size

86KB
MD5

ebd06e24652100c2bfc428ae8dd4496f
SHA1

bc9ce51d7b2c178f9e5a4846c8556f1b3231eb75
SHA256

4f0158bc9db2245b36ea0c7d7e8e32912a41e8f865580f384d72cb5537cdd6cd
SHA512

e742902e722f449f163468775390eac6777561e1e517ea6f0e7e6074c534b797207e9d3a715fb1c0201b481a81d8b184ad847430b4316bbdb080d8e8c7fd2907
SSDEEP

1536:B5ISRCI7TwBdHLqN9PvZZomf+8duavaAjcxE/iSuTQM:BgPbHLANvZZom+8duaSUcxEqSKQ

Score

N/A

Malware Config

Signatures

Files

4f0158bc9db2245b36ea0c7d7e8e32912a41e8f865580f384d72cb5537cdd6cd
.exe windows x86

2c0aa1b24ef979c0da7211d1127fded8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerLanguageNameA
GetDateFormatA
WaitForMultipleObjects
VirtualProtect
CreateMutexA
GetModuleHandleA
GetProcAddress
GetComputerNameA
ReleaseSemaphore
VirtualAlloc
FreeEnvironmentStringsA
GetCommandLineA
CreateSemaphoreA
GetCurrentThreadId
GetTickCount
GetEnvironmentVariableA
CloseHandle
ResetEvent
OpenSemaphoreA
LocalReAlloc
GetModuleFileNameA
GetLastError
GetFullPathNameA
HeapFree
GetStartupInfoA
GetVersion
ExitProcess
GetCurrentDirectoryA
GetDriveTypeA
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
ReadFile
FlushFileBuffers
WriteFile
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
RtlUnwind
SetStdHandle
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

version

GetFileVersionInfoA
VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeA
VerFindFileA

avifil32

AVIStreamGetFrame
AVIMakeFileFromStreams
AVIFileOpenA
AVIStreamTimeToSample
CreateEditableStream
AVISaveOptions
AVIPutFileOnClipboard
EditStreamSetNameW

avicap32

capCreateCaptureWindowA

msvfw32

GetOpenFileNamePreviewA
ICInfo
ICImageCompress
ICSeqCompressFrameEnd

uxtheme

IsThemeActive

ws2_32

shutdown
getpeername
socket
inet_addr
sendto
closesocket
bind
htonl
getprotobynumber
listen
ntohs
gethostbyaddr
setsockopt
select
gethostbyname

wsnmp32

ord900
ord600
ord902
ord220
ord501

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c0aa1b24ef979c0da7211d1127fded8

Headers

File Characteristics

Imports

kernel32

version

avifil32

avicap32

msvfw32

uxtheme

ws2_32

wsnmp32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 3KB - Virtual size: 14KB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 14KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 4KB - Virtual size: 3KB