549aa173782d3cb81e74082b25d4696c

Sharing

Copy URL Twitter E-mail

General

Target

549aa173782d3cb81e74082b25d4696c
Size

2.4MB
MD5

549aa173782d3cb81e74082b25d4696c
SHA1

4835e93ed91a2ec9a6ab5e41db50c835e8e52fc9
SHA256

e0899247fbc15821b99ae4d4be19142c31db062cbb06a10600b26c918ef6f7d3
SHA512

a9b6ac3f05c3ef527ba6a5214351651d058c12245ce911834495a2106d5bb08b7c7acb38f03085abf38e2b13287882c0a8a5f7d91522be6194d592850e366009
SSDEEP

49152:ZDeebgXw9HqIAv6Ii15j7DyRrlOzByBp5PnWFmp5OA3Aq:Zqebsw1qjmPD4BvPndOE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/H264WebCam.exe

Files

549aa173782d3cb81e74082b25d4696c
.rar
H264WebCam.exe
.exe windows:4 windows x86 arch:x86

2edc729b19d7e1e6cecce374d8d45d38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

winmm

timeGetTime

ws2_32

setsockopt

ssleay32

ord74

libeay32

ord197

user32

GetDC

gdi32

Pie

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

SHGetMalloc

comctl32

ord17

oledlg

ord8

ole32

CoInitialize

olepro32

ord250

oleaut32

SysAllocString

wininet

FtpOpenFileA

ddraw

DirectDrawCreate

dsound

ord1

xvidcore

xvid_global

Sections

.MPRESS1
Size: 2.4MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2edc729b19d7e1e6cecce374d8d45d38

Headers

File Characteristics

Imports

kernel32

winmm

ws2_32

ssleay32

libeay32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

ddraw

dsound

xvidcore

Sections

.MPRESS1 Size: 2.4MB - Virtual size: 7.7MB

.MPRESS2 Size: 4KB - Virtual size: 3KB

.rsrc Size: 17KB - Virtual size: 17KB

.MPRESS1
Size: 2.4MB - Virtual size: 7.7MB

.MPRESS2
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 17KB - Virtual size: 17KB