24ccae1dbe5fe12ba92d11f362fe1e58

General

Target

24ccae1dbe5fe12ba92d11f362fe1e58
Size

180KB
MD5

24ccae1dbe5fe12ba92d11f362fe1e58
SHA1

7778e1b3ccadb312537efa90e622bcc5469c5986
SHA256

a5fe5fdf287836834a16583283890805e4db2a9bf07b96818f0addffb3bf0aad
SHA512

93352d5b2e5a3d373debfaa77ee15015ba9f0221fb828802ec620defd65e9ee311ff1593ed88ed4d008027ce8e2e243bfaaac04280123bbe5cefc31e71886e0f
SSDEEP

3072:1sBK0AJuOHN3ApUuPz2z08wBxUV1XYBxCevHWGwpPXo5j0AlP0GxQW1:OBK0AFtQoo8wBqaxPHS45jTP0GOW1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ccae1dbe5fe12ba92d11f362fe1e58

Files

24ccae1dbe5fe12ba92d11f362fe1e58
.exe windows:4 windows x86 arch:x86

64990d7aafaaf725f5880fecd7bc1268

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

SetFileAttributesW
CreateDirectoryA
DisableThreadLibraryCalls
EnterCriticalSection
GetSystemTime
CloseHandle
QueryPerformanceCounter
GetShortPathNameA
FreeLibrary
GetTickCount
WaitForSingleObject
LocalFree
GetTempPathA
OutputDebugStringW
GetVersionExA
GetProcessAffinityMask
ReadFile
lstrlenA
ReleaseMutex
InterlockedDecrement
EnumResourceTypesW
WideCharToMultiByte
LeaveCriticalSection
SetFileAttributesA
LocalAlloc
DeleteFileA
InterlockedIncrement
LoadLibraryW
WriteFile
GetModuleFileNameA
TerminateProcess
SetFilePointer
GetLastError
MultiByteToWideChar
GetCurrentThreadId
CreateFileA
OutputDebugStringA
GetFileAttributesA
GetCurrentProcessId
GetTempFileNameA
GetTempFileNameW
CreateMutexA
GetTempPathW
GetProcAddress
CopyFileA
GetSystemTimeAsFileTime

user32

OffsetRect
DispatchMessageW
TranslateMessage
SetRectEmpty
wsprintfW
ReleaseDC
GetDC
PeekMessageW
FillRect
GetClientRect
CopyRect
IsRectEmpty
GetWindowRect

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64990d7aafaaf725f5880fecd7bc1268

Headers

File Characteristics

Imports

winmm

kernel32

user32

avifil32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 74KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 74KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 124KB