42cfa34c9a103caa8f99d88d83331f8d

Sharing

Copy URL Twitter E-mail

General

Target

42cfa34c9a103caa8f99d88d83331f8d
Size

177KB
MD5

42cfa34c9a103caa8f99d88d83331f8d
SHA1

274d20da788ca37060ede15a9183645a9162772a
SHA256

e2531286b84adc162d6efa3ba6103284221b6c5b7457a5393f2c3fd5ebcf260c
SHA512

afed5c2c859416f1ec087021c7a111a6ab5965ecb9481eb6374e47e272593ffe70467810c5ee1d7e659cf19829d5eae39576cb544e7958c7a197b25e26fc273a
SSDEEP

3072:TZbFAiyLznwyNJFDPLmt02LigzZTwM1IeVVW+RHYrV1ZuV+TdO:1mXLznX3FDP60CwM1IC6V1ZuV+TdO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42cfa34c9a103caa8f99d88d83331f8d

Files

42cfa34c9a103caa8f99d88d83331f8d
.exe windows:4 windows x86 arch:x86

0ac1211cbcbd3095ab61dbee06aef840

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleBitmap
CreateDCA
PatBlt
CreateCompatibleDC
SelectObject
BitBlt
GetObjectA
CreateDIBSection
DeleteObject
GetStockObject
DeleteDC
SetStretchBltMode
StretchBlt
SetDIBits

advapi32

RegSetValueA
RegQueryValueExA
RegQueryValueExW
RegDeleteKeyA
RegOpenKeyExW
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

user32

DispatchMessageA
EqualRect
EnableWindow
TranslateMessage
InflateRect
FillRect
AttachThreadInput
GetDesktopWindow
wsprintfA
GetClientRect
SetParent
InvalidateRect
SendMessageA
SetRect
IsWindow
BringWindowToTop
CopyRect
PeekMessageA
GetDC
RegisterClassA
DefWindowProcA
PostMessageA
ReleaseDC
UnregisterClassA

avifil32

AVISaveOptions
AVIMakeCompressedStream

shlwapi

PathFileExistsA
PathFileExistsW
StrStrIW

ole32

CoInitialize
StgCreateDocfile
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoSetProxyBlanket
StgOpenStorage
CoCreateInstance
GetRunningObjectTable
CreateItemMoniker
CoTaskMemFree

shell32

SHGetSpecialFolderPathA

kernel32

CreateDirectoryA
WaitForMultipleObjectsEx
GetModuleFileNameA
SetFileAttributesA
GetFileSize
GetVersionExA
CreateMutexA
lstrlenA
GetVolumeInformationA
ReleaseMutex
WideCharToMultiByte
QueryPerformanceCounter
DisableThreadLibraryCalls
VirtualFree
GetCurrentThreadId
GetProcessId
GlobalLock
DeviceIoControl
GetSystemTime
CopyFileA
DeleteFileA
WaitForSingleObject
GetTickCount
SetFilePointer
EnumResourceTypesW
GetLastError
LocalAlloc
DeleteCriticalSection
GetFileAttributesA
GetModuleFileNameW
CreateFileA
InterlockedIncrement
VirtualAlloc
GetSystemTimeAsFileTime
CreateFileW
GetTempFileNameA
GetCurrentProcessId
ExitProcess
GetTempPathA
GlobalFree
Sleep
InterlockedDecrement
MultiByteToWideChar
InitializeCriticalSection
LocalFree
ReadFile
CloseHandle
GlobalUnlock
FreeLibrary

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ac1211cbcbd3095ab61dbee06aef840

Headers

File Characteristics

Imports

gdi32

advapi32

user32

avifil32

shlwapi

ole32

shell32

kernel32

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 248KB