dd8cacddc88b8057ff74be79301b50a316a57c90ee4d69838e55a8f776f6b82b

Sharing

Copy URL

Twitter E-mail

General

Target

dd8cacddc88b8057ff74be79301b50a316a57c90ee4d69838e55a8f776f6b82b
Size

166KB
MD5

82596ad35510cae7c44736c01f947188
SHA1

fa1212ad7b278f6a1fc307fbe207b1fec4df771b
SHA256

dd8cacddc88b8057ff74be79301b50a316a57c90ee4d69838e55a8f776f6b82b
SHA512

e57d65752ad6e73341c0e87231e3c0e9ec5bea9696c9f2fde7ec8f6222699dcc8a97020f75681a041083004ff7386bb217eefd94eec93b5c590efff4be939279
SSDEEP

3072:1FnBOgcdg8X/WHxkSXN2mqx/nxqtcmK0IJzbhqkfa6:1xBFF8PSd2mqx/nxsHSzPL

Score

N/A

Malware Config

Signatures

Files

dd8cacddc88b8057ff74be79301b50a316a57c90ee4d69838e55a8f776f6b82b
.exe windows x86

219ea002a126aa7898d65d27855a401f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW
PathRenameExtensionW
PathRemoveBackslashW
PathCombineW
PathFileExistsW
PathFileExistsA
PathAppendW
PathIsDirectoryW
PathRemoveFileSpecW

user32

GetDC
GetClientRect
CopyRect
PeekMessageW
DispatchMessageW
TranslateMessage
SetRectEmpty
ReleaseDC
wsprintfW
IsRectEmpty
FillRect
OffsetRect
GetWindowRect

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CoCreateInstance
CoInitialize

kernel32

GetTempFileNameA
MultiByteToWideChar
FindNextFileW
WaitForMultipleObjects
Sleep
DeleteFileA
CopyFileA
DeleteFileW
DisableThreadLibraryCalls
OutputDebugStringA
QueryPerformanceCounter
FindClose
ReleaseMutex
CreateFileA
GetCurrentProcessId
GetTempFileNameW
GetPriorityClass
lstrlenW
GetACP
CreateDirectoryA
MulDiv
GetSystemTime
CreateMutexA
WideCharToMultiByte
EnterCriticalSection
SetFileAttributesW
GetModuleFileNameW
WriteFile
LeaveCriticalSection
RemoveDirectoryW
SetFilePointer
GetCurrentThreadId
EnumResourceTypesW
FreeLibrary
InterlockedIncrement
GetVersionExA
GetFileAttributesA
CreateDirectoryW
FindFirstFileW
GetThreadLocale
LocalAlloc
WaitForSingleObject
GetTempPathW
GetModuleFileNameA
GetProcAddress
InterlockedExchange
DeleteCriticalSection
ExitProcess
SetFileAttributesA
CloseHandle
LoadLibraryW
GetVersionExW
GetTickCount
OutputDebugStringW
GetLocaleInfoA
ReadFile
GetLastError
InitializeCriticalSection
LocalFree
InterlockedDecrement
lstrlenA
GetTempPathA
GetSystemTimeAsFileTime

winmm

timeGetTime

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegSetValueW
RegSetValueExA
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegCreateKeyExA
RegDeleteKeyA

gdi32

StretchBlt
GetObjectW
SetBkColor
GetDIBits
GetObjectType
CreateDCW
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
SetBrushOrgEx
CreateDIBSection
BitBlt
CreateCompatibleBitmap
CreateSolidBrush
CreateBitmap
SetStretchBltMode

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

219ea002a126aa7898d65d27855a401f

Headers

File Characteristics

Imports

shlwapi

user32

ole32

kernel32

winmm

advapi32

gdi32

avifil32

shell32

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 104KB