aa8b9b73ae60d9c055baf343c9e5dff445a4251eb26ce8d303cbd575952aacd5

Sharing

Copy URL Twitter E-mail

General

Target

aa8b9b73ae60d9c055baf343c9e5dff445a4251eb26ce8d303cbd575952aacd5
Size

202KB
MD5

30c878b76a9e450c4b78bd35389522e0
SHA1

9cad844647b9161ef2a5d0007fe88d74e7b0e5ae
SHA256

aa8b9b73ae60d9c055baf343c9e5dff445a4251eb26ce8d303cbd575952aacd5
SHA512

a565d43f42e2c93d0349a57f71c9aa007678975a33cf4f6538eccfe22097c408e94ce9d24aa662281219bf2e98cafd0d9561999405550dcbe011f96d57acbea1
SSDEEP

3072:CWLqGmb26tpKkz9mnkEB4t+n7jSH0PETXtu6NnVhKQYySoMJPPcmIC3dN5GAcLGi:lqGN6tsTnkEu1kQ3lYPFbdvGAuGxq

Score

N/A

Malware Config

Signatures

Files

aa8b9b73ae60d9c055baf343c9e5dff445a4251eb26ce8d303cbd575952aacd5
.exe windows x86

62629474b3e5d55d4249ea5bbfd36ee5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
QueryServiceStatus
OpenThreadToken
OpenServiceA
OpenSCManagerA
LookupPrivilegeValueA
SetServiceStatus
SetSecurityDescriptorDacl
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken
FreeSid
AllocateAndInitializeSid
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

avifil32

AVISaveOptions
AVIFileReadData
AVIFileInfoA
AVIFileExit
AVIFileOpenA
AVIFileInit
AVISaveOptionsFree

kernel32

GetSystemTimeAsFileTime
GetProcessHeap
SetSystemPowerState
GetCPInfo
WaitForSingleObject
LoadLibraryA
HeapValidate
HeapCompact
GetLocalTime
CreateFileA
HeapFree
HeapAlloc
HeapCreate
RemoveDirectoryA
TlsSetValue
TlsAlloc
SetTapePosition
VirtualProtect
AddAtomA
GetSystemInfo
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsGetValue
GetProcAddress
CloseHandle
ReadFile
SetFilePointer
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringA
LCMapStringW
SetEndOfFile
HeapSize

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62629474b3e5d55d4249ea5bbfd36ee5

Headers

File Characteristics

Imports

advapi32

avifil32

kernel32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 53KB - Virtual size: 304KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 53KB - Virtual size: 304KB

.reloc
Size: 7KB - Virtual size: 6KB