6db1b9e797a56b12bae438da6e5ad8d8b1aac7fe179bac0abffdfc29ffa918be

Sharing

Copy URL Twitter E-mail

General

Target

6db1b9e797a56b12bae438da6e5ad8d8b1aac7fe179bac0abffdfc29ffa918be
Size

44KB
MD5

bef49dab6ab37546f67dc5845fa1aaee
SHA1

1be5de9b95cf305507aa21f316c0fc387f387e24
SHA256

6db1b9e797a56b12bae438da6e5ad8d8b1aac7fe179bac0abffdfc29ffa918be
SHA512

b9b63a5485410099ead97fdb3cc2e13355ce7d93ee82c0d31da0b3c3dd9f630811171b3ea4a6c8fc5857b4cc0430196c1d67ae6f677d1b7c564fc6ea1fddee73
SSDEEP

768:d7YpPnMFfz0gbOBvmvqKcBsh29GZFrKtocPkmtPKXQhavHGWSaSZpO:kM6gbkaqKvh29SeBkmtPYQ4b6w

Score

N/A

Malware Config

Signatures

Files

6db1b9e797a56b12bae438da6e5ad8d8b1aac7fe179bac0abffdfc29ffa918be
.exe windows x86

b1d9e965440aef21dc90008e288f4b2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntmsapi

EjectDiskFromSADriveW

shell32

ShellExecuteExW

msvcrt

_initterm
_beep
_onexit
_chdir
exit
free
_purecall
wcscpy
swscanf
wcsstr
_except_handler3
iswdigit
wcslen
wcstoul
_wtol
__dllonexit
setlocale
wcsrchr
_beginthread
malloc
swprintf

ole32

CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
ReleaseStgMedium
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

kernel32

GetModuleHandleW
InterlockedExchange
LoadLibraryExW
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
HeapAlloc
IsBadReadPtr
SetEvent
GetProcAddress
FreeLibrary
GetModuleHandleA
CreateEventW
GlobalFree
WaitForSingleObject
LeaveCriticalSection
GetFileAttributesW
lstrcpynW
GetWindowsDirectoryW
GetTickCount
GlobalAlloc
GetComputerNameW
LoadLibraryA
EnterCriticalSection
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
Sleep
GetVersion
SetUnhandledExceptionFilter
GetProcessHeap
lstrlenW
lstrcmpW
GetModuleFileNameW
ResumeThread
SetLastError
GetCurrentProcessId
GlobalLock
DeleteCriticalSection
LoadLibraryW
GetLastError
UnhandledExceptionFilter
QueryPerformanceCounter
CloseHandle
InitializeCriticalSection
VirtualAlloc
GlobalUnlock
OutputDebugStringA

activeds

FreeADsMem

dmutil

ShowMessage

gdi32

ExtTextOutW
CreateHatchBrush
GetBkColor
DeleteObject

user32

EnableWindow
WinHelpW
KillTimer
FillRect
DestroyIcon
RegisterClipboardFormatW
GetParent
CallNextHookEx
DrawFocusRect
UnhookWindowsHookEx
CopyRect
SendMessageW
GetDesktopWindow
LoadBitmapW
PostThreadMessageW
CreatePopupMenu
SetWindowsHookExW
LoadStringW
SetTimer
AppendMenuW
PostMessageW
RedrawWindow
LoadIconW
SetWindowLongW
GetSysColor
InvalidateRect
GetWindowLongW

avifil32

AVIFileInfo

Sections

.textbss
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1d9e965440aef21dc90008e288f4b2d

Headers

File Characteristics

Imports

ntmsapi

shell32

msvcrt

ole32

kernel32

activeds

dmutil

gdi32

user32

avifil32

Sections

.textbss Size: - Virtual size: 240KB

.idata Size: 3KB - Virtual size: 3KB

.text Size: 512B - Virtual size: 500B

.rsrc Size: 39KB - Virtual size: 40KB

.textbss
Size: - Virtual size: 240KB

.idata
Size: 3KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 500B

.rsrc
Size: 39KB - Virtual size: 40KB