ed56d173aeb66608a6f3bb6413c0e4bd330fdf5093492b169fc7e9ba1edc8b19

Sharing

Copy URL Twitter E-mail

General

Target

ed56d173aeb66608a6f3bb6413c0e4bd330fdf5093492b169fc7e9ba1edc8b19
Size

259KB
MD5

f992a72459e88413e134e477666f2298
SHA1

3bf29e6610fef2ccbb2cac8da29f576be55aba6b
SHA256

ed56d173aeb66608a6f3bb6413c0e4bd330fdf5093492b169fc7e9ba1edc8b19
SHA512

a7598e1b2271e0c2d67f0b7b8630b8d1da67cf9ddd90484f409f849f68d2d56e0fe9352d82d361ba5143b3ab20f4741910c26d5788695c25ff46f57d5e4ab5c0
SSDEEP

6144:2tCYbR374XGrEPT/0mTJbxCnNKk5HoWQ2RLwVZD8dSEekpPo:ivbR37qGrcT8mtVCNKCHoEGZdgP

Score

N/A

Malware Config

Signatures

Files

ed56d173aeb66608a6f3bb6413c0e4bd330fdf5093492b169fc7e9ba1edc8b19
.exe windows x86

4ca66300484f554e41f7a2342235aab4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluEndCurve
gluNurbsCallback
gluTessBeginContour
gluTessEndContour
gluNurbsCurve

user32

CreateDialogParamA
SetWindowTextA
DialogBoxIndirectParamA
AnyPopup

gdi32

FloodFill
Escape
ChoosePixelFormat
CreateCompatibleDC
FillRgn
ExtCreateRegion
GetAspectRatioFilterEx
DescribePixelFormat
DeleteObject
CopyMetaFileA
GdiFlush

comctl32

CreatePropertySheetPageA
ord13
ord15

shlwapi

SHRegDeleteUSValueA
PathMatchSpecA
PathUnmakeSystemFolderW
PathCompactPathW
PathAddExtensionA
PathGetCharTypeA
SHRegDeleteEmptyUSKeyA
ChrCmpIW
StrCatW
SHRegEnumUSValueW
StrCmpNIA
PathIsUNCA
SHRegGetBoolUSValueA
PathGetDriveNumberW
StrCmpNW
StrCmpNA

kernel32

CreateFileA
CloseHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetProcAddress
VirtualAllocEx
Sleep
LoadLibraryA
IsProcessorFeaturePresent
FlushFileBuffers
SetStdHandle
CreateFileW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
LCMapStringW
ReadFile
SetEndOfFile
GetProcessHeap
HeapSize
WriteConsoleW
HeapAlloc
LoadLibraryW
GetCurrentDirectoryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetLastError
GetFullPathNameA
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetDriveTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
RtlUnwind
SetFilePointer
HeapCreate
GetModuleHandleW
ExitProcess

msvfw32

ICSeqCompressFrameStart
DrawDibSetPalette
ICSeqCompressFrameEnd
DrawDibStop
DrawDibProfileDisplay

avifil32

AVIStreamSetFormat
AVISaveVA
AVIStreamCreate
AVIStreamReadFormat
AVISaveVW
AVIFileCreateStreamA
AVIFileRelease
EditStreamSetInfoW
EditStreamSetInfoA

avicap32

capGetDriverDescriptionW

uxtheme

HitTestThemeBackground
GetThemeFont
GetThemeSysColorBrush
GetThemeTextExtent
GetThemeFilename
EnableTheming
ord47
GetThemeMargins
GetThemePosition
SetThemeAppProperties

ws2_32

accept
htons
ntohl
bind
socket
send
getpeername
ioctlsocket
getprotobynumber

Sections

.vtuwfh
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vbntyew
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erywzs
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ca66300484f554e41f7a2342235aab4

Headers

DLL Characteristics

File Characteristics

Imports

glu32

user32

gdi32

comctl32

shlwapi

kernel32

msvfw32

avifil32

avicap32

uxtheme

ws2_32

Sections

.vtuwfh Size: 123KB - Virtual size: 122KB

.rdata Size: 119KB - Virtual size: 119KB

.data Size: 9KB - Virtual size: 16KB

.vbntyew Size: 5KB - Virtual size: 5KB

.erywzs Size: 512B - Virtual size: 32B

.rsrc Size: 512B - Virtual size: 16B

.vtuwfh
Size: 123KB - Virtual size: 122KB

.rdata
Size: 119KB - Virtual size: 119KB

.data
Size: 9KB - Virtual size: 16KB

.vbntyew
Size: 5KB - Virtual size: 5KB

.erywzs
Size: 512B - Virtual size: 32B

.rsrc
Size: 512B - Virtual size: 16B