3bc568b3831246be1ba59b5d9cf591c6

Sharing

Copy URL

Twitter E-mail

General

Target

3bc568b3831246be1ba59b5d9cf591c6
Size

818KB
MD5

3bc568b3831246be1ba59b5d9cf591c6
SHA1

2d0bc13c3d8b0e02a82cb8ab737c865f65c906b0
SHA256

36ed3f7fafb71f5c878dc2a81cf857945cfb7464322389e8fc9bfceafacc21d0
SHA512

a05c55607ca96367b786df0071ed80a4b8686eab505dd4f703ab160129641f902cd29f9a09746826545cb228941d7dc735852e7f5eeb60bab3f2ea85b45e63b9
SSDEEP

12288:HbetvB5mdttU5jG3Xf8ncs5c6L2Sr5RK0/a7d+4iZhA3LzPkQVsZNQJg3KXaw:HMUjtUg8bFL2gK0/IiZhA3LbBVsYg6b

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/GIF Movie Gear/GMG-Keygen.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GIF Movie Gear/GMG-Keygen.exe
unpack002/out.upx
unpack001/GIF Movie Gear/movgear.exe

Files

3bc568b3831246be1ba59b5d9cf591c6
.rar
GIF Movie Gear/GMG-Keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GIF Movie Gear/help/Thumbs.db
GIF Movie Gear/help/a_md_clr.gif
.gif
GIF Movie Gear/help/edittime.gif
.gif
GIF Movie Gear/help/gam_32opt.gif
.gif
GIF Movie Gear/help/gamanim.gif
.gif
GIF Movie Gear/help/gearblnd.gif
.gif
GIF Movie Gear/help/gearcomp.gif
.gif
GIF Movie Gear/help/geardemo.psd
GIF Movie Gear/help/gearnobl.gif
.gif
GIF Movie Gear/help/h_md.gif
.gif
GIF Movie Gear/help/help.htm
.html
GIF Movie Gear/help/hi_md.gif
.gif
GIF Movie Gear/help/hurri.gif
.gif
GIF Movie Gear/help/hurria.gif
.gif
GIF Movie Gear/help/i_md.gif
.gif
GIF Movie Gear/help/indent.gif
.gif
GIF Movie Gear/help/prev1.gif
.gif
GIF Movie Gear/help/screen.gif
.gif
GIF Movie Gear/help/status.gif
.gif
GIF Movie Gear/help/toolbar1.gif
.gif
GIF Movie Gear/help/toolbar2.gif
.gif
GIF Movie Gear/help/tostart.gif
.gif
GIF Movie Gear/help/usegdtit.gif
.gif
GIF Movie Gear/movgear.exe
.exe windows:4 windows x86 arch:x86

e89e352ae63db5d4e1cb1a6b4bb68b5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA
ord17
CreateToolbarEx
ord6

avifil32

AVISaveOptions
AVIFileCreateStreamA
AVIFileOpenA
AVISaveVA
AVIStreamReadFormat
AVIStreamOpenFromFileA
AVIStreamGetFrameClose
AVIStreamFindSample
AVIStreamTimeToSample
AVISaveOptionsFree
AVIStreamGetFrame
AVIStreamStart
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamInfoA
AVIFileExit
AVIFileInit
AVIStreamWrite
AVIStreamSetFormat
AVIStreamRelease
AVIFileRelease
AVIStreamSampleToTime

kernel32

CompareStringW
CompareStringA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
InitializeCriticalSection
SetStdHandle
GetOEMCP
GetACP
GetLocaleInfoA
GetCPInfo
SetEnvironmentVariableA
MultiByteToWideChar
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
WideCharToMultiByte
GetFileType
GetStdHandle
SetHandleCount
DeleteCriticalSection
FlushFileBuffers
UnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
ExitProcess
GetSystemTimeAsFileTime
CreateThread
ResumeThread
GetLastError
TlsGetValue
TlsSetValue
ExitThread
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringA
LCMapStringW
SetEndOfFile
lstrcpyA
HeapFree
GetProcessHeap
HeapAlloc
GlobalLock
GlobalUnlock
AddAtomA
DeleteAtom
GetAtomNameA
GlobalSize
GetVersionExA
CreateDirectoryA
FindFirstChangeNotificationA
WaitForSingleObject
Sleep
FindNextChangeNotification
FindCloseChangeNotification
RemoveDirectoryA
GetCurrentThreadId
GetProfileStringA
GetFileAttributesA
GetFileSize
FindFirstFileA
GlobalReAlloc
FindNextFileA
FindClose
MoveFileA
GetTempPathA
GetTempFileNameA
DeleteFileA
CreateFileA
CloseHandle
LocalFree
LocalAlloc
WriteFile
SetFilePointer
ReadFile
GlobalAlloc
GlobalFree
GetStringTypeW

user32

GetFocus
SystemParametersInfoA
CreatePopupMenu
InsertMenuItemA
SetParent
CharUpperA
PeekMessageA
InflateRect
PtInRect
SetClassLongA
GetSysColor
IsWindowEnabled
wsprintfA
UnhookWindowsHookEx
IsWindowVisible
GetWindowTextLengthA
wvsprintfA
ChildWindowFromPoint
GetWindowTextA
FillRect
DrawIcon
ShowScrollBar
LoadBitmapA
GetScrollRange
GetMenuItemInfoA
KillTimer
UpdateWindow
DrawEdge
GetScrollPos
LoadImageA
LoadIconA
RegisterClassA
GetSysColorBrush
LoadAcceleratorsA
RegisterClipboardFormatA
SetWindowPlacement
SendMessageA
SetDlgItemInt
GetDlgItemInt
EndDialog
SetWindowPos
GetMessageA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyMenu
LoadMenuA
MoveWindow
GetClassLongA
WindowFromPoint
DrawFocusRect
FrameRect
SetTimer
ScreenToClient
RedrawWindow
ModifyMenuA
IsChild
PostQuitMessage
BeginPaint
EndPaint
ReleaseCapture
GetKeyState
GetScrollInfo
ScrollWindow
SetScrollInfo
EnableMenuItem
IsClipboardFormatAvailable
ClientToScreen
TrackPopupMenu
SetCapture
SetCursor
MessageBeep
GetDC
ReleaseDC
CheckMenuItem
GetClientRect
InvalidateRect
GetClipboardData
PostMessageA
SetWindowTextA
SetMenuItemInfoA
SetWindowsHookExA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetMenu
GetSubMenu
GetMenuItemCount
DeleteMenu
InsertMenuA
CreateDialogParamA
OffsetRect
GetSystemMetrics
CreateDialogIndirectParamA
DefWindowProcA
GetParent
CallNextHookEx
GetWindowPlacement
DialogBoxParamA
IsDlgButtonChecked
GetDlgItemTextA
SetFocus
CheckRadioButton
EnableWindow
SetDlgItemTextA
CheckDlgButton
ShowWindow
LoadStringA
MessageBoxA
GetWindowLongA
SetWindowLongA
GetDlgItem
GetWindowRect
MapWindowPoints
DestroyWindow
CreateWindowExA
LoadCursorA
SendDlgItemMessageA
GetCursorPos

gdi32

UpdateColors
RealizePalette
CreateCompatibleDC
DeleteDC
GetDeviceCaps
GetNearestColor
BitBlt
SelectObject
SelectClipRgn
CreateRectRgn
PatBlt
SetViewportOrgEx
StretchBlt
CreateBitmap
SetTextColor
SetBkColor
GetStockObject
SetBkMode
GetNearestPaletteIndex
CreateDIBSection
StretchDIBits
SetStretchBltMode
Rectangle
SetROP2
IntersectClipRect
ExcludeClipRect
CreateRectRgnIndirect
CreateCompatibleBitmap
CreatePen
GetTextExtentPoint32A
ExtTextOutA
GetTextExtentPointA
GetTextColor
GetBkColor
GetTextMetricsA
SetDIBColorTable
GetDIBColorTable
GetObjectA
CreateFontIndirectA
SetPaletteEntries
DeleteObject
CreatePalette
GetPaletteEntries
SetDIBits
CreateSolidBrush
SelectPalette

comdlg32

ChooseColorA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

shell32

DragQueryPoint
DragQueryFileA
DragFinish
ShellExecuteA
DragAcceptFiles

Sections

.text
Size: 504KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GIF Movie Gear/samples/Thumbs.db
GIF Movie Gear/samples/a_md_wht.gif
.gif
GIF Movie Gear/samples/alienani.gif
.gif
GIF Movie Gear/samples/ball.gif
.gif
GIF Movie Gear/samples/gamanim.gif
.gif
GIF Movie Gear/samples/jumpanim.gif
.gif
GIF Movie Gear/samples/koko.gif
.gif
GIF Movie Gear/tutorial/Thumbs.db
GIF Movie Gear/tutorial/alienani.gif
.gif
GIF Movie Gear/tutorial/b_clock.gif
.gif
GIF Movie Gear/tutorial/b_fprop.gif
.gif
GIF Movie Gear/tutorial/b_gpal.gif
.gif
GIF Movie Gear/tutorial/b_insfr.gif
.gif
GIF Movie Gear/tutorial/b_loop.gif
.gif
GIF Movie Gear/tutorial/b_opt.gif
.gif
GIF Movie Gear/tutorial/b_prev.gif
.gif
GIF Movie Gear/tutorial/b_redcol.gif
.gif
GIF Movie Gear/tutorial/b_viewbk.gif
.gif
GIF Movie Gear/tutorial/b_zoomou.gif
.gif
GIF Movie Gear/tutorial/ballopt.gif
.gif
GIF Movie Gear/tutorial/fig1.gif
.gif
GIF Movie Gear/tutorial/fig2.gif
.gif
GIF Movie Gear/tutorial/fig3.gif
.gif
GIF Movie Gear/tutorial/fig4.gif
.gif
GIF Movie Gear/tutorial/fig5.gif
.gif
GIF Movie Gear/tutorial/gmgtut.htm
.html
GIF Movie Gear/tutorial/indent.gif
.gif
GIF Movie Gear/tutorial/samples/Thumbs.db
GIF Movie Gear/tutorial/samples/alien1.gif
.gif
GIF Movie Gear/tutorial/samples/alien2.gif
.gif
GIF Movie Gear/tutorial/samples/alien3.gif
.gif
GIF Movie Gear/tutorial/samples/alien4.gif
.gif
GIF Movie Gear/tutorial/samples/ball.gif
.gif
GIF Movie Gear/tutorial/tutortit.gif
.gif
GIF Movie Gear/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 64KB

UPX1 Size: 43KB - Virtual size: 44KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 11KB - Virtual size: 10KB

DATA Size: 512B - Virtual size: 160B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 1024B

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 1024B - Virtual size: 904B

.rsrc Size: 62KB - Virtual size: 62KB

e89e352ae63db5d4e1cb1a6b4bb68b5b

Headers

File Characteristics

Imports

comctl32

avifil32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 504KB - Virtual size: 500KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 20KB - Virtual size: 125KB

.rsrc Size: 300KB - Virtual size: 300KB

UPX0
Size: - Virtual size: 64KB

UPX1
Size: 43KB - Virtual size: 44KB

.rsrc
Size: 3KB - Virtual size: 4KB

CODE
Size: 11KB - Virtual size: 10KB

DATA
Size: 512B - Virtual size: 160B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 1024B

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 1024B - Virtual size: 904B

.rsrc
Size: 62KB - Virtual size: 62KB

.text
Size: 504KB - Virtual size: 500KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 20KB - Virtual size: 125KB

.rsrc
Size: 300KB - Virtual size: 300KB