ca994324dc6c3c605d1ee56c6e9683a1c4e282500c99fa992c3bcf20a2360698

Sharing

Copy URL Twitter E-mail

General

Target

ca994324dc6c3c605d1ee56c6e9683a1c4e282500c99fa992c3bcf20a2360698
Size

230KB
MD5

d1bd8bdf16b07e08e8e01d75ddcc0195
SHA1

33abadb3c61f40b0f1e9f98cdbca8f7c3067834c
SHA256

ca994324dc6c3c605d1ee56c6e9683a1c4e282500c99fa992c3bcf20a2360698
SHA512

5a82fae6d04e3ecddee25b251b5d2760ea921b03da28e1f7f2394bf410a2ca83a73df2bf52adebabb2280a9ab4fb79ded7c9a8ca3a1f33f8d1fd69c43b2e6c0a
SSDEEP

3072:HaNuANXTHrpoA6fsGQksQ3VgU6eOxpkImwbCvJt/mHjjFpYFTxbXw0a3:6U6XP0hsQlKempfmkCvjm/MF

Score

N/A

Malware Config

Signatures

Files

ca994324dc6c3c605d1ee56c6e9683a1c4e282500c99fa992c3bcf20a2360698
.exe windows x86

28624ba98878aa87b4997ab7c9b448b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ResetEvent
InterlockedExchange
CancelIo
Sleep
DeleteFileA
GetLastError
CreateDirectoryA
GetFileAttributesA
lstrcpyA
lstrlenA
CreateProcessA
lstrcatA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
RemoveDirectoryA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
MoveFileA
GetStartupInfoA
GetWindowsDirectoryA
WinExec
GetProcAddress
LoadLibraryA
GetVersionExA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetSystemDirectoryA
GetLocalTime
HeapFree
HeapAlloc
GetProcessHeap
LocalSize
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetTickCount
GlobalMemoryStatus
GetSystemInfo
OpenEventA
SetErrorMode
CreateMutexA
CopyFileA
GetModuleFileNameA
GetSystemTime
GetCurrentThreadId
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
OpenProcess
GetCurrentProcess
lstrcmpiA
RtlUnwind
RaiseException
ExitProcess
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetCommandLineA
GetVersion
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
HeapSize
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetStdHandle
FreeLibrary

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28624ba98878aa87b4997ab7c9b448b5

Headers

File Characteristics

Imports

kernel32

msvfw32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 25KB - Virtual size: 35KB

.rsrc Size: 61KB - Virtual size: 60KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 25KB - Virtual size: 35KB

.rsrc
Size: 61KB - Virtual size: 60KB