49c9153d4515e88a2afc2d51feae2422

Sharing

Copy URL

Twitter E-mail

General

Target

49c9153d4515e88a2afc2d51feae2422
Size

166KB
MD5

49c9153d4515e88a2afc2d51feae2422
SHA1

571baecd60787a733688f48e1a5450947d90697c
SHA256

e0b61ca2d58d5feb22ca259b7773ed584bff6ee07c1d1da7c6e61700926a4f8d
SHA512

62a6cb9919b6e39bbdf626af6f1e4460466b45032042b1f5a39afb07450dfa57fdd6cb330c39c5a4dcedd3efa73979d39943c5094d16e74a66db35e46afd0a9d
SSDEEP

3072:dq6j9G8ZNe6josCrviHwx2267RwnGVRh4hyESGPmM:Xj8+6vZl67k0shyESM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49c9153d4515e88a2afc2d51feae2422

Files

49c9153d4515e88a2afc2d51feae2422
.exe windows:4 windows x86 arch:x86

e86365e05e43011391ab7c836e6cfb5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
LoadImageW
ShowScrollBar
GetActiveWindow
BringWindowToTop
FindWindowExW
DestroyMenu
SetFocus
ReleaseCapture
SetForegroundWindow
FrameRect
PtInRect
UpdateWindow
ReleaseDC
GetSysColorBrush
GetWindowLongW
KillTimer
SendMessageW
OffsetRect
EnableWindow
wsprintfW
SetTimer
PostMessageW
SetCursor
IsRectEmpty
GetParent
TrackPopupMenuEx
InflateRect
IsWindowVisible
GetSystemMetrics
IntersectRect
GetCursorPos
IsWindow
DefWindowProcW
GetDesktopWindow
LoadCursorW
UnionRect
DrawFocusRect
FillRect
SetRect
SetRectEmpty
SetWindowLongW
SetCapture
ClientToScreen
GetDC
ScreenToClient
CreatePopupMenu
GetClientRect
GetSysColor
CopyRect
EqualRect
DrawTextW
InvalidateRect

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragQueryFileW
SHGetDesktopFolder
SHGetFileInfoW

avifil32

AVISaveOptions
AVIMakeCompressedStream

ole32

CoFreeUnusedLibraries
OleInitialize
StringFromGUID2
CoCreateInstance
OleUninitialize
CoUninitialize
CoInitialize

advapi32

RegSetValueExW
RegEnumKeyExW
RegSetValueW
RegCreateKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

kernel32

GetModuleHandleW
WaitForSingleObject
FindFirstChangeNotificationW
WaitForMultipleObjectsEx
MultiByteToWideChar
lstrcpynW
LeaveCriticalSection
GetFullPathNameW
GetACP
GetProcAddress
GetCurrentProcessId
GetDriveTypeW
WideCharToMultiByte
MulDiv
FileTimeToLocalFileTime
lstrlenW
CreateEventW
GetProcessId
GetVersionExW
FindFirstFileW
QueryPerformanceCounter
GetThreadLocale
GetLocaleInfoA
GetCurrentThreadId
InterlockedIncrement
SetEvent
FreeLibrary
EnumResourceTypesW
GlobalAlloc
FileTimeToSystemTime
InterlockedExchange
GlobalLock
FindNextChangeNotification
GlobalUnlock
DeleteCriticalSection
ExitProcess
GetLastError
ResetEvent
GetSystemTimeAsFileTime
CloseHandle
Sleep
EnterCriticalSection
InterlockedDecrement
GetTickCount
GetModuleFileNameA
DisableThreadLibraryCalls
CreateThread
InitializeCriticalSection
GlobalReAlloc
lstrlenA
FindCloseChangeNotification
FindClose
GetVersionExA

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e86365e05e43011391ab7c836e6cfb5b

Headers

File Characteristics

Imports

user32

shell32

avifil32

ole32

advapi32

kernel32

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 104KB