7c17115cdfd0c21a0a25c8ecafcd42e458e484e740d88c98f235e97f5872330d

Sharing

Copy URL Twitter E-mail

General

Target

7c17115cdfd0c21a0a25c8ecafcd42e458e484e740d88c98f235e97f5872330d
Size

44KB
MD5

040cd228b657e72b0589972a4386f6c8
SHA1

30e6e9ed7d710d9af5b9ac2df20a6cab87cfee87
SHA256

7c17115cdfd0c21a0a25c8ecafcd42e458e484e740d88c98f235e97f5872330d
SHA512

bb678df61223090cb96b8c5b1932059d313ba0d6724c9424bafe8d6b8de2c0cbde1f7ef68726c584ddcd6bc53de421ac67fa688eb5098670e3b372febbb99695
SSDEEP

768:w7YpPnMFfz0gbOBvmvqKcBsh29GZFrKtocPkmtPKXQhavHGWSaSZpO:RM6gbkaqKvh29SeBkmtPYQ4b6w

Score

N/A

Malware Config

Signatures

Files

7c17115cdfd0c21a0a25c8ecafcd42e458e484e740d88c98f235e97f5872330d
.exe windows x86

b1d9e965440aef21dc90008e288f4b2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntmsapi

EjectDiskFromSADriveW

shell32

ShellExecuteExW

msvcrt

_initterm
_beep
_onexit
_chdir
exit
free
_purecall
wcscpy
swscanf
wcsstr
_except_handler3
iswdigit
wcslen
wcstoul
_wtol
__dllonexit
setlocale
wcsrchr
_beginthread
malloc
swprintf

ole32

CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
ReleaseStgMedium
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

kernel32

GetModuleHandleW
InterlockedExchange
LoadLibraryExW
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
HeapAlloc
IsBadReadPtr
SetEvent
GetProcAddress
FreeLibrary
GetModuleHandleA
CreateEventW
GlobalFree
WaitForSingleObject
LeaveCriticalSection
GetFileAttributesW
lstrcpynW
GetWindowsDirectoryW
GetTickCount
GlobalAlloc
GetComputerNameW
LoadLibraryA
EnterCriticalSection
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
Sleep
GetVersion
SetUnhandledExceptionFilter
GetProcessHeap
lstrlenW
lstrcmpW
GetModuleFileNameW
ResumeThread
SetLastError
GetCurrentProcessId
GlobalLock
DeleteCriticalSection
LoadLibraryW
GetLastError
UnhandledExceptionFilter
QueryPerformanceCounter
CloseHandle
InitializeCriticalSection
VirtualAlloc
GlobalUnlock
OutputDebugStringA

activeds

FreeADsMem

dmutil

ShowMessage

gdi32

ExtTextOutW
CreateHatchBrush
GetBkColor
DeleteObject

user32

EnableWindow
WinHelpW
KillTimer
FillRect
DestroyIcon
RegisterClipboardFormatW
GetParent
CallNextHookEx
DrawFocusRect
UnhookWindowsHookEx
CopyRect
SendMessageW
GetDesktopWindow
LoadBitmapW
PostThreadMessageW
CreatePopupMenu
SetWindowsHookExW
LoadStringW
SetTimer
AppendMenuW
PostMessageW
RedrawWindow
LoadIconW
SetWindowLongW
GetSysColor
InvalidateRect
GetWindowLongW

avifil32

AVIFileInfo

Sections

.textbss
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1d9e965440aef21dc90008e288f4b2d

Headers

File Characteristics

Imports

ntmsapi

shell32

msvcrt

ole32

kernel32

activeds

dmutil

gdi32

user32

avifil32

Sections

.textbss Size: - Virtual size: 240KB

.idata Size: 3KB - Virtual size: 3KB

.text Size: 512B - Virtual size: 500B

.rsrc Size: 39KB - Virtual size: 112KB

.textbss
Size: - Virtual size: 240KB

.idata
Size: 3KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 500B

.rsrc
Size: 39KB - Virtual size: 112KB