1123922b24691f7dbed57d36314f9a7a99dee94253b059220074acc8463c1936

Sharing

Copy URL Twitter E-mail

General

Target

1123922b24691f7dbed57d36314f9a7a99dee94253b059220074acc8463c1936
Size

166KB
MD5

b82647e4a58d2dd2fff5ceeaffb69d9b
SHA1

edb460fd8f2d37c4f88781d7c325a35a5319b062
SHA256

1123922b24691f7dbed57d36314f9a7a99dee94253b059220074acc8463c1936
SHA512

36ca963ee9f51aa5bd9cc396b14b0cd2ea020d3ab76b8b6bc05705647a7dff39fe0ae2d5ceac147c7f2aab29bccaed44752b25a8134b481d5245e8997c332094
SSDEEP

3072:044vgJ/VLAe1cCh3dDAZRn1tko9xle2zzxnj4d05s68DDvjhNwK:XJ/VLOCRCko9xleExqg0vVNwK

Score

N/A

Malware Config

Signatures

Files

1123922b24691f7dbed57d36314f9a7a99dee94253b059220074acc8463c1936
.exe windows x86

e524b3506451de5ea2333674ffa73cd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyW
RegQueryValueExA
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegSetValueW
RegSetValueExA
RegDeleteKeyA

user32

wsprintfW
PeekMessageW
TranslateMessage
DispatchMessageW
IsRectEmpty
GetClientRect
ReleaseDC
FillRect
OffsetRect
CopyRect
SetRectEmpty
GetDC
GetWindowRect

avifil32

AVISaveOptions
AVIMakeCompressedStream

shlwapi

PathCombineW
PathIsDirectoryW
PathAppendW
PathFileExistsA
PathFileExistsW
PathAddBackslashW
PathRemoveBackslashW
PathRenameExtensionW
PathRemoveFileSpecW

ole32

CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoInitialize

gdi32

CreateSolidBrush
CreateDCW
SetBkColor
CreateBitmap
StretchBlt
GetObjectW
DeleteDC
CreateDIBSection
SelectObject
SetBrushOrgEx
CreateCompatibleDC
BitBlt
GetObjectType
DeleteObject
GetDIBits
CreateCompatibleBitmap
SetStretchBltMode

kernel32

InterlockedIncrement
GetSystemTime
GetLastError
InterlockedDecrement
GetProcAddress
Sleep
GetACP
lstrlenA
GetThreadLocale
WaitForMultipleObjects
GetVersionExA
DeleteFileW
WriteFile
SetFileAttributesA
CloseHandle
GetPriorityClass
DeleteCriticalSection
LoadLibraryW
InterlockedExchange
DisableThreadLibraryCalls
OutputDebugStringA
EnterCriticalSection
GetTempPathW
CreateMutexA
FindClose
QueryPerformanceCounter
EnumResourceTypesW
GetLocaleInfoA
GetCurrentThreadId
LocalFree
GetCurrentProcessId
RemoveDirectoryW
CopyFileA
FindFirstFileW
GetFileAttributesA
SetFileAttributesW
MulDiv
LeaveCriticalSection
GetTempFileNameA
CreateDirectoryW
WideCharToMultiByte
CreateDirectoryA
GetModuleFileNameA
CreateFileA
ReleaseMutex
ReadFile
WaitForSingleObject
GetVersionExW
lstrlenW
ExitProcess
LocalAlloc
MultiByteToWideChar
FreeLibrary
FindNextFileW
InitializeCriticalSection
SetFilePointer
GetTempFileNameW
OutputDebugStringW
DeleteFileA
GetModuleFileNameW
GetTempPathA
GetTickCount
GetSystemTimeAsFileTime

shell32

SHGetSpecialFolderPathA

winmm

timeGetTime

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e524b3506451de5ea2333674ffa73cd9

Headers

File Characteristics

Imports

advapi32

user32

avifil32

shlwapi

ole32

gdi32

kernel32

shell32

winmm

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 65KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 65KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 104KB