8f4da7af64937eac9ef2668514c4b536c16ac4c9b79964f4caa327fb92c385a6

Sharing

Copy URL Twitter E-mail

General

Target

8f4da7af64937eac9ef2668514c4b536c16ac4c9b79964f4caa327fb92c385a6
Size

932KB
MD5

9b47aa5ab91b322a83234affe54a66f6
SHA1

ff14449fc0cc1a78d774411fa63ababd43a8abfe
SHA256

8f4da7af64937eac9ef2668514c4b536c16ac4c9b79964f4caa327fb92c385a6
SHA512

211e2f784666c0b8173aed6e887d3652dbbed6b0ecc84492df10d6956f813a484b39cf65390cc057e85e6b9cd4504faf65b8dad2f5896dfcce86c4e9759ad312
SSDEEP

24576:xsqkG1UZ0angXnXJjlUCmbyfThlIFadr5bpGaRNKetZMIBMHdI+QvgVc:Gqkc6bc8ytfdr5bpGSNKeoI6Haxvgi

Score

N/A

Malware Config

Signatures

Files

8f4da7af64937eac9ef2668514c4b536c16ac4c9b79964f4caa327fb92c385a6
.exe windows x86

2ca061f07401113ff8611e487c677544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalFindAtomA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

LoadCursorA

advapi32

RegSetValueExA

oleaut32

SafeArrayGetLBound

version

VerQueryValueA

gdi32

GetPaletteEntries

comctl32

ImageList_DragMove

shell32

SHGetPathFromIDListA

wininet

InternetOpenUrlA

ws2_32

WSAStartup

winmm

waveInClose

netapi32

Netbios

wsock32

getpeername

avicap32

capGetDriverDescriptionA

msvfw32

DrawDibClose

Sections

CODE
Size: - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 23KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 905KB - Virtual size: 905KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2ca061f07401113ff8611e487c677544

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

comctl32

shell32

wininet

ws2_32

winmm

netapi32

wsock32

avicap32

msvfw32

Sections

CODE Size: - Virtual size: 610KB

DATA Size: - Virtual size: 21KB

BSS Size: - Virtual size: 23KB

.idata Size: - Virtual size: 11KB

.tls Size: - Virtual size: 20B

.rdata Size: - Virtual size: 24B

.reloc Size: - Virtual size: 38KB

.rsrc Size: 25KB - Virtual size: 52KB

.vmp0 Size: - Virtual size: 559KB

.vmp1 Size: 905KB - Virtual size: 905KB

CODE
Size: - Virtual size: 610KB

DATA
Size: - Virtual size: 21KB

BSS
Size: - Virtual size: 23KB

.idata
Size: - Virtual size: 11KB

.tls
Size: - Virtual size: 20B

.rdata
Size: - Virtual size: 24B

.reloc
Size: - Virtual size: 38KB

.rsrc
Size: 25KB - Virtual size: 52KB

.vmp0
Size: - Virtual size: 559KB

.vmp1
Size: 905KB - Virtual size: 905KB