f1e1e407f67e97c218725710653cf85975007ed750b70a21464dbd58af685978

Sharing

Copy URL Twitter E-mail

General

Target

f1e1e407f67e97c218725710653cf85975007ed750b70a21464dbd58af685978
Size

87KB
MD5

c66d5f2e0a701ca9a2f376dd96c5a9bc
SHA1

9f807372f65623baa4825c961fd97ed5b0cc4ccf
SHA256

f1e1e407f67e97c218725710653cf85975007ed750b70a21464dbd58af685978
SHA512

eb835e3abb3e0adc0a7529bcc7fffcbae9d2407df4cd1c4dd925cef3da6a7e072ffff5e317c46f5ae983032df6a391a3892eb02af4cacb2f83a78ff5496fa268
SSDEEP

1536:3U/rFsSzWOcf02cy6+dj8UG6DCmn5vrl8cPGzBIQgCh9Hpvm+sW39cd5PD:QLzWRlcy6+NHCmn5vrl8cPe3gypva5PD

Score

N/A

Malware Config

Signatures

Files

f1e1e407f67e97c218725710653cf85975007ed750b70a21464dbd58af685978
.exe windows x86

27d24bc0c5de4369132611a09ab7cd01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmSetCompositionFontA
ImmGetCompositionFontW
ImmConfigureIMEA
ImmAssociateContextEx
ImmSetCompositionStringW
ImmGetIMCCSize
ImmInstallIMEA
ImmIsUIMessageW

kernel32

CreateProcessW
GetTickCount
GetSystemDirectoryW
GetExitCodeProcess
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
IsWow64Process
WideCharToMultiByte
GetConsoleWindow
ExitProcess
GetCurrentProcess
Sleep
WaitForSingleObject
CloseHandle
DecodePointer
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetCommandLineW
VirtualAlloc
WriteConsoleW
SetEndOfFile
HeapReAlloc
HeapSize
GetConsoleCP
FlushFileBuffers
CreateFileW
GetProcessHeap
LCMapStringW
CompareStringW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
SetFilePointerEx
ReadConsoleW
GetConsoleMode
RaiseException
HeapAlloc
HeapFree
GetCommandLineA
GetModuleHandleExW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ReadFile
GetStdHandle
WriteFile
GetModuleFileNameW

comdlg32

PageSetupDlgW
GetSaveFileNameW
ChooseColorA

avifil32

AVIBuildFilterA
AVIStreamGetFrameOpen
AVISaveVA
AVIFileOpen
AVIMakeCompressedStream

msvfw32

ICDraw
DrawDibRealize

rtm

RtmCreateEnumerationHandle
MgmDeInitialize
MgmDeRegisterMProtocol
RtmRegisterClient
RtmLookupIPDestination
RtmGetFirstRoute
RtmGetNetworkCount

rpcrt4

NdrStubInitialize
NdrCorrelationFree
UuidHash

mapi32

ord74
ord244
ord63
ord46
ord197
ord142
ord171
ord174
ord196

mscms

GenerateCopyFilePaths
DeleteColorTransform
SelectCMM
DisassociateColorProfileFromDeviceA
ord1
SetColorProfileElement

ws2_32

WSAIoctl
ioctlsocket
WSALookupServiceEnd
WSALookupServiceBeginW
WSAAsyncGetHostByName
WSARecvDisconnect
WSASetEvent

user32

ShowWindow

ole32

CoInitialize

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27d24bc0c5de4369132611a09ab7cd01

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

comdlg32

avifil32

msvfw32

rtm

rpcrt4

mapi32

mscms

ws2_32

user32

ole32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 176B

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 176B