2f44f42428e60e66a257297c7eb261d9

Sharing

Copy URL Twitter E-mail

General

Target

2f44f42428e60e66a257297c7eb261d9
Size

180KB
MD5

2f44f42428e60e66a257297c7eb261d9
SHA1

44c1e90d7f508be01bf485b845d14f403ca1f7c5
SHA256

e67396671352ab50401077d4be80d318418a962b5746c45b88e8cb150758c1b2
SHA512

be155e84cb2c05555fb0b8cb44d4b61c2be45ce6c2015f901785e72a1ff4452f49eabce2aa81b1d95a1b5e3b4d4ad4ebe33e6e9be4020b908ed10e6a1d32ad39
SSDEEP

3072:6ck1+7uIwmx4W8mJ4VzQTfqGAg+I5JAHekXgNzgqZhU3lpU9xY6OjeXWu:W1urkW8mAzQTfg6JAHtXFVOHijeXf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f44f42428e60e66a257297c7eb261d9

Files

2f44f42428e60e66a257297c7eb261d9
.exe windows:4 windows x86 arch:x86

8f2e24c8e7dddc87ad88c280fabed417

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
BeginPaint
OffsetRect
SetWindowLongA
SubtractRect
ScreenToClient
LoadCursorA
ShowWindow
MessageBoxA
TranslateMessage
SetFocus
IsWindow
LoadIconA
GetClassLongA
InvalidateRect
wsprintfA
UpdateWindow
SendMessageA
GetClientRect
ReleaseCapture
GetMessageA
GetKeyState
MoveWindow
PeekMessageA
CreateWindowExA
SetCursor
SetWindowTextA
GetWindowRect
EndPaint
GetFocus
DispatchMessageA
RegisterClassA
CallWindowProcA
DestroyWindow
wvsprintfA
GetWindowLongA
SetCapture

gdi32

SetDIBitsToDevice
SetStretchBltMode
SelectObject
StretchDIBits
CreateRectRgn
DeleteDC
CreateCompatibleDC
GetObjectA
GetCurrentObject
BitBlt
GetStockObject
CombineRgn
DeleteObject
CreateDIBSection
SetDIBColorTable
FillRgn
StretchBlt

msvfw32

ICSendMessage
ICDecompress
ICOpen
ICClose

avifil32

AVIStreamRelease
AVIStreamWrite
AVIFileGetStream
AVIStreamSetFormat
AVIStreamGetFrameOpen
AVISaveOptions
AVIFileRelease
AVIFileInit
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamInfoA
AVIMakeCompressedStream

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

comctl32

CreateToolbarEx

kernel32

ProcessIdToSessionId
GlobalSize
QueryDosDeviceW
CreateFileA
lstrlenA
LocalFree
GetProcessId
CloseHandle
UnmapViewOfFile
MapViewOfFile
Sleep
GetFileSize
DisableThreadLibraryCalls
EnumResourceTypesA
ReadFile
ExitProcess
SetFilePointer
GlobalAlloc
CreateFileMappingA
LocalAlloc
WriteFile
GlobalFree

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f2e24c8e7dddc87ad88c280fabed417

Headers

File Characteristics

Imports

user32

gdi32

msvfw32

avifil32

avicap32

comctl32

kernel32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 67KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 72KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 67KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 72KB