c16585455c32b95e78a2edf03704848cea0f84cf1a2a640148ac75f7f2139cf5

Sharing

Copy URL Twitter E-mail

General

Target

c16585455c32b95e78a2edf03704848cea0f84cf1a2a640148ac75f7f2139cf5
Size

37KB
MD5

04c8ee08f6bdbe31ab3982d8c5a16600
SHA1

1b8c5998841a75fa4270b16008bfda9c8640701b
SHA256

c16585455c32b95e78a2edf03704848cea0f84cf1a2a640148ac75f7f2139cf5
SHA512

8e952a15397325c53c143d0b446ebd623258e50ed0e82553fb3dcc12f72a0d73005df8731c1f5e844cf272e29d0d90eb04829077837e15b4cf01f213a8ffa6df
SSDEEP

768:env/pEHMae40YLPe/X2c27FJYjtgCSAuv0WQXaxwDK9:4WfLPQv2DYjt3pO0WiND

Score

N/A

Malware Config

Signatures

Files

c16585455c32b95e78a2edf03704848cea0f84cf1a2a640148ac75f7f2139cf5
.exe windows x86

0d7141036828b87ec154cac8e3943faf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongW
EnableWindow
InvalidateRect
GetSysColor
LoadIconW
SetTimer
GetParent
UnhookWindowsHookEx
LoadBitmapW
DrawFocusRect
SetWindowsHookExW
AppendMenuW
PostMessageW
RegisterClipboardFormatW
PostThreadMessageW
SendMessageW
KillTimer
GetDesktopWindow
WinHelpW
FillRect
CallNextHookEx
RedrawWindow
DestroyIcon
LoadStringW
CreatePopupMenu
GetWindowLongW
CopyRect

shell32

ShellExecuteExW

msvcrt

wcsrchr
_onexit
_purecall
_except_handler3
wcstoul
setlocale
malloc
_chdir
_beginthread
exit
wcsncpy
wcscpy
_beep
_wtol
__CxxFrameHandler
wcsstr
iswdigit
wcslen
free
swscanf
_initterm

gdi32

DeleteObject
CreateHatchBrush
GetBkColor
ExtTextOutW

kernel32

GetComputerNameW
WaitForSingleObject
LoadLibraryW
GetFileAttributesW
GetVersion
lstrcpyW
GetModuleFileNameW
LoadLibraryA
HeapAlloc
LocalAlloc
GlobalUnlock
GetSystemTimeAsFileTime
LocalFree
LoadLibraryExW
GetCurrentProcessId
lstrlenW
GetModuleHandleW
ResumeThread
Sleep
QueryPerformanceCounter
GlobalFree
EnterCriticalSection
GetTickCount
GetModuleHandleA
UnhandledExceptionFilter
SetEvent
InitializeCriticalSection
VirtualAlloc
CloseHandle
SetUnhandledExceptionFilter
SetLastError
lstrcmpW
GlobalLock
FreeLibrary
LeaveCriticalSection
GlobalAlloc
TerminateProcess
GetWindowsDirectoryW
CreateEventW
GetCurrentThreadId
InterlockedExchange
GetProcessHeap
OutputDebugStringA
DeleteCriticalSection
lstrcpynW
GetProcAddress
GetCurrentProcess
GetLastError

ntmsapi

EjectDiskFromSADriveW

dmutil

ShowMessage

ole32

CoSetProxyBlanket
ReleaseStgMedium
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal

avifil32

AVIFileInfo

activeds

FreeADsMem

Sections

.textbss
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d7141036828b87ec154cac8e3943faf

Headers

File Characteristics

Imports

user32

shell32

msvcrt

gdi32

kernel32

ntmsapi

dmutil

ole32

avifil32

activeds

Sections

.textbss Size: - Virtual size: 160KB

.idata Size: 3KB - Virtual size: 3KB

.text Size: 512B - Virtual size: 500B

.rsrc Size: 32KB - Virtual size: 172KB

.textbss
Size: - Virtual size: 160KB

.idata
Size: 3KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 500B

.rsrc
Size: 32KB - Virtual size: 172KB