5b1b6e4bfc1a9a54cd3be82a6bf580a8d3375af2a5071e4e045fd0c3d70a9c50

Sharing

Copy URL Twitter E-mail

General

Target

5b1b6e4bfc1a9a54cd3be82a6bf580a8d3375af2a5071e4e045fd0c3d70a9c50
Size

48KB
MD5

fddc56fe1e8018cb01af379d408c2ff3
SHA1

8fa895b521624738c6ba60113ab63465fbd9c044
SHA256

5b1b6e4bfc1a9a54cd3be82a6bf580a8d3375af2a5071e4e045fd0c3d70a9c50
SHA512

6f1f1074854a5470732978a96b818bcac7ec650a02c432a50ab3f266e49b54f9972f81a03402b63f66049409c8b1ed1611f112ad392a65fb6107790cf03c506b
SSDEEP

768:V7HRxv6aTcA3s8t0L/O4y/eFLS45Lou4NYeNs1odusI:VP5cq0LW4y/eF+4RoXYeTdXI

Score

N/A

Malware Config

Signatures

Files

5b1b6e4bfc1a9a54cd3be82a6bf580a8d3375af2a5071e4e045fd0c3d70a9c50
.exe windows x86

66710e552b02307b1ede09ab57efbfec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

activeds

FreeADsMem

dmutil

ShowMessage

gdi32

GetBkColor
ExtTextOutW
DeleteObject
CreateHatchBrush

avifil32

AVIFileInfo

kernel32

GetCurrentProcess
GetComputerNameW
InterlockedExchange
ResumeThread
Sleep
EnterCriticalSection
IsBadReadPtr
lstrcmpW
HeapAlloc
InitializeCriticalSection
FreeLibrary
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetVersion
GetTickCount
OutputDebugStringA
LoadLibraryExW
GlobalLock
GlobalAlloc
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
GetCurrentThreadId
GetProcessHeap
TerminateProcess
SetLastError
WaitForSingleObject
lstrcpyW
GetCurrentProcessId
LeaveCriticalSection
DeleteCriticalSection
lstrcpynW
LocalAlloc
GetWindowsDirectoryW
CloseHandle
GetModuleFileNameW
LocalFree
LoadLibraryA
SetEvent
GetFileAttributesW
GetLastError
VirtualAlloc
lstrlenW
CreateEventW
GlobalFree
GlobalUnlock

ntmsapi

EjectDiskFromSADriveW

shell32

ShellExecuteExW

ole32

CoInitialize
CoTaskMemAlloc
CoSetProxyBlanket
ReleaseStgMedium
CoTaskMemFree
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal

msvcrt

swprintf
free
__dllonexit
_onexit
_adjust_fdiv
_except_handler3
wcsncpy
wcscmp
__CxxFrameHandler
_chdir
swscanf
wcstoul
exit
_initterm
_wtol
_purecall
wcslen
wcscpy
_beep
_beginthread
wcsrchr

user32

GetParent
WinHelpW
LoadBitmapW
SetWindowsHookExW
FillRect
GetWindowLongW
SetTimer
GetDesktopWindow
CreatePopupMenu
DrawFocusRect
DestroyIcon
PostThreadMessageW
CopyRect
UnhookWindowsHookEx
CallNextHookEx
KillTimer
SetWindowLongW
RedrawWindow
InvalidateRect
GetSysColor
SendMessageW
LoadIconW
EnableWindow
LoadStringW
PostMessageW
RegisterClipboardFormatW
AppendMenuW

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66710e552b02307b1ede09ab57efbfec

Headers

File Characteristics

Imports

activeds

dmutil

gdi32

avifil32

kernel32

ntmsapi

shell32

ole32

msvcrt

user32

Sections

.textbss Size: - Virtual size: 1.3MB

.idata Size: 3KB - Virtual size: 3KB

.text Size: 512B - Virtual size: 500B

.rsrc Size: 43KB - Virtual size: 112KB

.textbss
Size: - Virtual size: 1.3MB

.idata
Size: 3KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 500B

.rsrc
Size: 43KB - Virtual size: 112KB