vid1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

vid1.exe
Size

4.0MB
MD5

3790e03c51a7e0ff46d67dc1674bd93f
SHA1

37f3dad5dd5682ae3e1645e3a7c3229023b4db20
SHA256

217705e345870eac9bb3796154d1601e90a42b4d674dc8d6e7257b2bbadaee6e
SHA512

c804f3e95323b0fed22fd05dc2232c95a0951cee2238abfca80a17ce76bb2e829f2e2520c21355f4e5cf416ea1e05fd6ebff53ca1f7d9b59cced2c613d8e31ef
SSDEEP

98304:ebKKq8JMmqTY5bRIEtL2ws0ze3Xci+S+9ut2bewUoLrMDqe:En6mqAtI0un3MF5Y2bewHsDqe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vid1.exe

Files

vid1.exe
.exe windows x86

76c906522f16bb660115c4004157473b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
CreateToolhelp32Snapshot
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

SetCursorPos

gdi32

SetTextColor

advapi32

AddAccessAllowedAce

shell32

ShellExecuteA

msvcrt

_strupr

msvcp60

?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

ws2_32

htons

avicap32

capGetDriverDescriptionA

Sections

.text
Size: - Virtual size: 988KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aspack
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76c906522f16bb660115c4004157473b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

msvcp60

ws2_32

avicap32

Sections

.text Size: - Virtual size: 988KB

.rdata Size: - Virtual size: 84KB

.data Size: - Virtual size: 180KB

.data0 Size: - Virtual size: 260KB

.aspack Size: - Virtual size: 8KB

.data1 Size: - Virtual size: 3.9MB

.data2 Size: 3.7MB - Virtual size: 3.7MB

.rsrc Size: 258KB - Virtual size: 257KB

.text
Size: - Virtual size: 988KB

.rdata
Size: - Virtual size: 84KB

.data
Size: - Virtual size: 180KB

.data0
Size: - Virtual size: 260KB

.aspack
Size: - Virtual size: 8KB

.data1
Size: - Virtual size: 3.9MB

.data2
Size: 3.7MB - Virtual size: 3.7MB

.rsrc
Size: 258KB - Virtual size: 257KB