openshot-qt[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

openshot-qt.exe
Size

318KB
MD5

7b3b77f8b2cf9522119ab42b9304c2ef
SHA1

8d9284153e54a9b57e87ab523faec024152d3928
SHA256

57b38d8c9e8407374e369a68037f4deb3c082bb1a7c39a45d1103e478ee4cbbb
SHA512

ad94fc11c7d92af5aa449674744c855c92271d7b23bb5cb818ade6912cd806ff9994adbf6f387d44565f7d9a8dd4de4ab942e0810d7eab4668aee2c623a9a577
SSDEEP

6144:GMUf17Nwo7djrQNJe7a7P2BtEB2cbZblmhX:GMgxt7djrQTKtc2cFpm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
openshot-qt.exe

Files

openshot-qt.exe
.exe windows:4 windows x64

24b84c51d0b436692ee9b70e99b74dc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetStartupInfoW
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__argc
__iob_func
__lconv_init
__set_app_type
__setusermatherr
__wargv
__wgetmainargs
__winitenv
_amsg_exit
_cexit
_errno
_fmode
_initterm
_onexit
_wcmdln
abort
calloc
exit
fprintf
fputwc
free
fwprintf
fwrite
localeconv
malloc
memcpy
signal
strerror
strlen
strncmp
vfprintf
wcslen

shlwapi

PathRemoveFileSpecW

user32

MessageBoxA
MessageBoxW

libpython3.8

PyErr_Clear
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_NormalizeException
PyExc_SystemExit
PyImport_Import
PyImport_ImportModule
PyLong_AsLong
PyMem_Malloc
PyObject_CallObject
PyObject_GetAttrString
PyObject_Str
PySys_GetObject
PySys_SetArgv
PyTuple_New
PyUnicode_AsUnicode
PyUnicode_DecodeASCII
PyUnicode_Format
PyUnicode_FromString
PyUnicode_Join
Py_Exit
Py_Finalize
Py_FrozenFlag
Py_IgnoreEnvironmentFlag
Py_Initialize
Py_NoSiteFlag
Py_SetPath
Py_SetProgramName
_Py_Dealloc
_Py_NoneStruct

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24b84c51d0b436692ee9b70e99b74dc2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shlwapi

user32

libpython3.8

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 256B

.rdata Size: 5KB - Virtual size: 5KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 274KB - Virtual size: 273KB

.reloc Size: 512B - Virtual size: 144B

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 256B

.rdata
Size: 5KB - Virtual size: 5KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 274KB - Virtual size: 273KB

.reloc
Size: 512B - Virtual size: 144B