Static task: static1
Behavioral task: behavioral1 (Sample: VirtualDub.exe; Resource: win7-20230831-en)
Behavioral task: behavioral2 (Sample: VirtualDub.exe; Resource: win10v2004-20230915-en)
General
Target: VirtualDub.exe
Size: 3.0MB
MD5: c8b5509c804c63211fecce761050962e
SHA1: a07b9105373ee2dedc229248608017ae0d9c7cae
SHA256: 275092fb96f4ef743f01abb44e6b0bc97950ef3c5e344d6119cb44c84d3c6eee
SHA512: 78d27e5a1fbdef97db76f3dcafffd1242e8cf684de2e54f7dcd97c6333b2136b57baa2efa0b2f2d6d99f9d5ef970ae620c851604183251bdf9e3ccd9dfe3a9ef
SSDEEP: 49152:s22be+CRZD/CdFzhmTEsEMkUs7EclZSwp:seBRZDqdPmXE97
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirtualDub.exe
Files
VirtualDub.exe.exe windows:4 windows x86
3baa5cc664ab5641dae5995038b1da8b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutPause
waveOutGetPosition
waveOutWrite
waveOutRestart
waveInGetDevCapsA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveInUnprepareHeader
waveInClose
mixerSetControlDetails
mixerClose
timeGetTime
timeBeginPeriod
timeSetEvent
timeEndPeriod
timeKillEvent
timeGetDevCaps
waveOutGetDevCapsA
waveOutGetNumDevs
DefDriverProc
msvfw32
ICImageDecompress
ICDecompress
ICCompress
ICRemove
ICGetInfo
ICSendMessage
ICOpen
ICClose
ICInfo
avifil32
AVIFileOpenW
AVIFileExit
AVIFileInit
AVIStreamBeginStreaming
AVIStreamEndStreaming
AVIStreamInfoA
AVIStreamFindSample
AVIStreamRead
AVIStreamStart
AVIStreamLength
AVIStreamReadFormat
AVIFileRelease
AVIFileGetStream
AVIFileOpenA
msacm32
acmStreamOpen
acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmDriverID
acmStreamClose
acmMetrics
acmDriverEnum
acmDriverOpen
acmFormatTagEnumA
acmDriverClose
acmDriverMessage
acmDriverDetailsA
acmFormatEnumA
acmFormatSuggest
acmFormatDetailsA
comctl32
ImageList_Add
ord6
ImageList_Destroy
ord16
ImageList_Create
ord17
shlwapi
SHDeleteKeyA
kernel32
TerminateProcess
GlobalMemoryStatus
GetVersionExA
UnhandledExceptionFilter
ResumeThread
SuspendThread
SetUnhandledExceptionFilter
SetPriorityClass
ExitProcess
ReleaseSemaphore
GetLastError
SetFilePointer
GetStdHandle
FindClose
FindNextFileA
FindFirstFileA
GetComputerNameA
OpenProcess
GetSystemTimeAsFileTime
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCommandLineW
DeleteFileA
LoadLibraryW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcessTimes
GetVolumeInformationA
GetVolumeInformationW
FindResourceExA
CreateProcessA
CreateProcessW
DeleteFileW
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
IsDebuggerPresent
GetThreadPriority
GetPriorityClass
GetWindowsDirectoryA
TlsAlloc
TlsFree
TlsSetValue
GetCurrentThreadId
FlushFileBuffers
GetExitCodeProcess
GenerateConsoleCtrlEvent
CreateFileMappingA
WaitForMultipleObjects
CreatePipe
PeekNamedPipe
OutputDebugStringA
GetSystemDirectoryA
GetSystemDirectoryW
GetProcessAffinityMask
RaiseException
SetEvent
CreateSemaphoreA
GetThreadContext
CreateEventA
MultiByteToWideChar
SetLastError
QueryPerformanceCounter
FormatMessageA
GetFileAttributesA
GetFileAttributesW
FindFirstFileW
CreateDirectoryA
CreateDirectoryW
GetModuleFileNameW
FindNextFileW
GetLongPathNameA
GetLongPathNameW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetDriveTypeW
SetEndOfFile
SystemTimeToTzSpecificLocalTime
GetDateFormatA
GetDateFormatW
GetTimeFormatA
GetTimeFormatW
QueryPerformanceFrequency
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
GetWindowsDirectoryW
GetOverlappedResult
FlushInstructionCache
EnumResourceNamesA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
HeapDestroy
GetStartupInfoA
GetProcessHeap
GetCommandLineA
CreateThread
ExitThread
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
InterlockedIncrement
GetCurrentThread
DuplicateHandle
InterlockedDecrement
CreateFileW
GetSystemInfo
ReadProcessMemory
WriteFile
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
GetCurrentProcess
GetThreadSelectorEntry
CreateFileA
GetFileSize
ReadFile
CloseHandle
VirtualQuery
GetModuleFileNameA
GetFullPathNameA
GetModuleHandleA
GetProcAddress
VirtualProtect
GetTickCount
GetCurrentProcessId
MoveFileW
MoveFileA
GetVersion
VirtualAlloc
VirtualFree
FreeLibrary
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
SetThreadPriority
Sleep
MulDiv
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
HeapSize
SetStdHandle
TlsGetValue
FreeEnvironmentStringsA
user32
GetWindowTextA
UnregisterHotKey
DrawEdge
RegisterHotKey
GetCursorPos
SetCursor
GetWindow
SystemParametersInfoA
ReleaseCapture
SetCapture
GetMessagePos
GetDialogBaseUnits
SetScrollInfo
GetScrollInfo
ScrollWindow
HideCaret
ShowCaret
SetScrollRange
SetScrollPos
SetCaretPos
DestroyCaret
CreateCaret
GetWindowTextLengthA
GetFocus
ShowCursor
SetCursorPos
IsWindowEnabled
GetCapture
GetDCEx
AppendMenuA
AppendMenuW
SetMenuItemInfoW
CallWindowProcW
DrawTextW
GetWindowTextW
GetWindowTextLengthW
GetMenuItemInfoW
LockWindowUpdate
InvertRect
GetNextDlgTabItem
CopyAcceleratorTableA
GetKeyNameTextA
GetKeyNameTextW
MapVirtualKeyA
CreateAcceleratorTableA
CreateDialogIndirectParamA
CreateDialogIndirectParamW
DefDlgProcA
DefDlgProcW
DrawFrameControl
InsertMenuItemA
InsertMenuItemW
DrawMenuBar
CheckMenuRadioItem
GetMenuItemCount
DeleteMenu
GetMenu
EnableMenuItem
CheckMenuItem
EnumDisplaySettingsA
RedrawWindow
GetMessageA
ExitWindowsEx
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
InflateRect
GetWindowLongW
SetWindowLongW
GetDlgItemTextA
PostThreadMessageA
SetForegroundWindow
WaitMessage
CreateWindowExW
SetWindowsHookExA
CallNextHookEx
TranslateAcceleratorA
DialogBoxParamW
SetWindowTextW
LoadImageA
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
IsZoomed
GetWindowPlacement
ScrollWindowEx
UnhookWindowsHookEx
IsWindow
IsDialogMessageA
GetKeyState
GetDlgItemInt
SetDlgItemInt
AdjustWindowRectEx
PtInRect
ClientToScreen
TrackMouseEvent
GetSysColor
DrawTextA
LoadAcceleratorsA
GetClassLongA
LoadStringA
LoadCursorA
RegisterClassA
AdjustWindowRect
CreateWindowExA
UnregisterClassA
PeekMessageA
TranslateMessage
DefWindowProcA
IsWindowUnicode
SendMessageW
MapWindowPoints
CallWindowProcA
CreateDialogParamW
IsIconic
GetForegroundWindow
GetWindowThreadProcessId
CreateDialogParamA
RegisterClassW
DefWindowProcW
GetSystemMenu
CreateMenu
SetRect
DestroyAcceleratorTable
GetAsyncKeyState
CreatePopupMenu
SetMenuItemInfoA
SetMenu
GetMenuItemInfoA
SendDlgItemMessageW
TrackPopupMenuEx
MessageBoxW
UnregisterClassW
GetCursorInfo
GetIconInfo
KillTimer
ScreenToClient
MapDialogRect
ScrollDC
ReleaseDC
IntersectRect
DestroyWindow
MsgWaitForMultipleObjects
PostQuitMessage
wvsprintfA
MessageBeep
GetSubMenu
TrackPopupMenu
LoadMenuA
DestroyMenu
SetWindowTextA
MessageBoxA
CheckDlgButton
SetTimer
GetParent
GetWindowRect
GetSystemMetrics
SetWindowPos
SetFocus
DialogBoxParamA
SendDlgItemMessageA
IsDlgButtonChecked
EnableWindow
OffsetRect
UnionRect
InvalidateRect
EndDialog
GetDlgItem
wsprintfA
SetDlgItemTextA
SendMessageA
UpdateWindow
GetClientRect
GetDC
EnumChildWindows
LoadIconA
FillRect
DrawIcon
SetWindowLongA
BeginPaint
EndPaint
PostMessageA
GetWindowLongA
ShowWindow
SetWindowPlacement
RemoveMenu
DispatchMessageA
gdi32
SaveDC
StretchDIBits
SetDIBitsToDevice
LineTo
MoveToEx
SetTextAlign
GetTextMetricsA
Polygon
RestoreDC
ExcludeClipRect
GetObjectA
SetBkMode
SetStretchBltMode
OffsetViewportOrgEx
GetClipBox
ExtTextOutW
RectVisible
GetTextExtentExPointW
Ellipse
PolylineTo
CreateFontIndirectA
GetDeviceCaps
Rectangle
ExtSelectClipRgn
OffsetClipRgn
CreateBitmap
GetDIBits
GetSystemPaletteEntries
CreatePalette
GetNearestPaletteIndex
RealizePalette
SelectPalette
SetTextColor
CreateSolidBrush
ExtTextOutA
Polyline
CreateFontA
GdiFlush
SelectObject
DeleteObject
DeleteDC
GetStockObject
SetDIBits
CreateCompatibleBitmap
StretchBlt
SwapBuffers
SetPixelFormat
ChoosePixelFormat
CreatePen
GetTextExtentPoint32W
GetTextExtentPoint32A
SetBkColor
TextOutA
CreateCompatibleDC
CreateDIBSection
BitBlt
PolyPolyline
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ChooseColorA
advapi32
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExW
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExW
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueA
shell32
DragFinish
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileW
DragAcceptFiles
DragQueryFileA
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
ShellExecuteA
ole32
CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoGetObject
CoInitializeEx
CoUninitialize
CoInitialize
oleaut32
SysFreeString
OleCreatePropertyFrame
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.const Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 542KB - Virtual size: 542KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 326KB - Virtual size: 326KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ