0b9ca2352a352c157c3b0ed0b8dd59cd

Sharing

Copy URL Twitter E-mail

General

Target

0b9ca2352a352c157c3b0ed0b8dd59cd
Size

166KB
MD5

0b9ca2352a352c157c3b0ed0b8dd59cd
SHA1

784c097091caeb63b1a7f2286b3888bcdbb0ed3c
SHA256

ddcf856300cd31b04fbc43799d8a0dacfb1a92acff64b36b408cd3cfcf4a5095
SHA512

04f3000fe68de997c44ebad20072ce75460911a38e37ccc691b7d14512fe38420e3e20116adfc3b43b9f96d92c210597e441bbb5e283a98c649889d02e9384b7
SSDEEP

3072:x72DiAk97k7dR5yg7ZeRKiLIyQM1k3MrvbwxHgcerba/3OPm7dZ500Ra/Gw4KVOy:BtgbyjKsIy3kcvbUHt/4mRZ57Glh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b9ca2352a352c157c3b0ed0b8dd59cd

Files

0b9ca2352a352c157c3b0ed0b8dd59cd
.exe windows:4 windows x86 arch:x86

56cbdb81b0307c985004f60f86943648

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamInfoA
AVIFileGetStream
AVIStreamGetFrameClose
AVISaveOptions
AVIStreamWrite
AVIFileCreateStreamA
AVIStreamGetFrameOpen
AVIStreamSetFormat
AVIFileOpenA
AVIFileRelease
AVIStreamRelease
AVIStreamGetFrame
AVIFileInit
AVIMakeCompressedStream

gdi32

CombineRgn
CreateDIBSection
SetDIBitsToDevice
GetObjectA
SetDIBColorTable
FillRgn
BitBlt
CreateCompatibleDC
DeleteDC
GetStockObject
GetCurrentObject
CreateRectRgn
SelectObject
SetStretchBltMode
StretchDIBits
DeleteObject
StretchBlt

user32

GetWindowLongA
GetClassLongA
GetClientRect
GetWindowRect
MoveWindow
SetCursor
LoadIconA
LoadCursorA
ShowWindow
SetWindowLongA
DestroyWindow
DispatchMessageA
BeginPaint
CreateWindowExA
wvsprintfA
PeekMessageA
SubtractRect
GetMessageA
CallWindowProcA
OffsetRect
ReleaseCapture
SetWindowTextA
SetFocus
MessageBoxA
UpdateWindow
EndPaint
IsWindow
InvalidateRect
ScreenToClient
GetKeyState
wsprintfA
DefWindowProcA
GetFocus
SendMessageA
RegisterClassA
TranslateMessage
SetCapture

msvfw32

ICOpen
ICSendMessage
ICDecompress
ICClose

kernel32

MapViewOfFile
QueryDosDeviceW
GetFileSize
LocalAlloc
GetProcessId
lstrlenA
UnmapViewOfFile
SetFilePointer
ReadFile
GlobalSize
CreateFileA
CloseHandle
EnumResourceTypesA
GlobalAlloc
CreateFileMappingA
Sleep
WriteFile
ExitProcess
ProcessIdToSessionId
DisableThreadLibraryCalls
LocalFree
GlobalFree

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

comctl32

CreateToolbarEx

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56cbdb81b0307c985004f60f86943648

Headers

File Characteristics

Imports

avifil32

gdi32

user32

msvfw32

kernel32

avicap32

comctl32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 59KB - Virtual size: 59KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 59KB - Virtual size: 59KB

.tls
Size: 1024B - Virtual size: 92KB