386ff28859f7dd236b87c8f327b984b6[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

386ff28859f7dd236b87c8f327b984b6.exe
Size

175KB
MD5

386ff28859f7dd236b87c8f327b984b6
SHA1

f9ad3b7d904e41bc8b2991a9c155d114a21c93f7
SHA256

e3e20b04b3612f0defaf67926f4821226dbd36d9b9be94100ac242dc72ce5597
SHA512

90600975fda226bb614fffec47c1d3399ab5dd0b2d84ff90a39351bb3cd85c6341985b7c5b7777ca5372c7acf3eb31a4195b49b8f35a27aeb189b52b4c4a8a24
SSDEEP

3072:0Ul37X0YW/+ZPhOCiXu1w7u/Wk0i9VCM5yvm03tK9o3PyUD8jqqhelW56wuSq1u:X5lD0kw7u+BMVCM5yvm03yoqUD8jUlW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386ff28859f7dd236b87c8f327b984b6.exe

Files

386ff28859f7dd236b87c8f327b984b6.exe
.exe windows:4 windows x86 arch:x86

5fb98a57aae0c40a03f029780da3e764

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx

user32

IsWindow
SetWindowTextA
LoadCursorA
UpdateWindow
GetWindowLongA
CreateWindowExA
wvsprintfA
LoadIconA
OffsetRect
MoveWindow
InvalidateRect
TranslateMessage
GetFocus
ScreenToClient
RegisterClassA
ReleaseCapture
MessageBoxA
DestroyWindow
CallWindowProcA
SendMessageA
SetFocus
DispatchMessageA
EndPaint
SubtractRect
wsprintfA
GetClassLongA
GetWindowRect
GetMessageA
SetWindowLongA
GetClientRect
BeginPaint
PeekMessageA
SetCursor
GetKeyState
ShowWindow
DefWindowProcA
SetCapture

msvfw32

ICOpen
ICSendMessage
ICDecompress
ICClose

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

kernel32

MapViewOfFile
UnmapViewOfFile
QueryDosDeviceW
CloseHandle
GetProcessId
lstrlenA
CreateFileMappingA
LocalAlloc
GetFileSize
ProcessIdToSessionId
EnumResourceTypesA
Sleep
CreateFileA
GlobalAlloc
GlobalSize
DisableThreadLibraryCalls
SetFilePointer
ExitProcess
ReadFile
WriteFile
LocalFree
GlobalFree

avifil32

AVISaveOptions
AVIStreamGetFrameClose
AVIFileGetStream
AVIStreamGetFrameOpen
AVIStreamRelease
AVIStreamWrite
AVIStreamGetFrame
AVIFileOpenA
AVIFileCreateStreamA
AVIFileInit
AVIFileRelease
AVIStreamInfoA
AVIStreamSetFormat
AVIMakeCompressedStream

gdi32

GetStockObject
CombineRgn
GetObjectA
FillRgn
CreateDIBSection
CreateCompatibleDC
DeleteDC
BitBlt
SetStretchBltMode
StretchDIBits
CreateRectRgn
GetCurrentObject
SetDIBitsToDevice
SetDIBColorTable
DeleteObject
SelectObject
StretchBlt

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fb98a57aae0c40a03f029780da3e764

Headers

File Characteristics

Imports

comctl32

user32

msvfw32

avicap32

kernel32

avifil32

gdi32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 67KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 372KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 67KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 372KB