738e0dcc0d1ad49dc32d3e45670a3557

Sharing

Copy URL

Twitter E-mail

General

Target

738e0dcc0d1ad49dc32d3e45670a3557
Size

175KB
MD5

738e0dcc0d1ad49dc32d3e45670a3557
SHA1

a3a95efaac1325ccb86721470248c55dec90f65e
SHA256

e79e4d4a2722d013f01cfdd80f79eb3f4dd1f2222eb60538607962da323230b2
SHA512

c33535318d593afdeafda119084f85332cfb5515d73265d3f18a16f2f42b7a0364414256c21a97ade240762b77f806bc49ceac3dde95fb48ef6d827f92ee526a
SSDEEP

3072:4eAaGphBL4h36wwjtBDqiyyxbbwitWk9d05rDlVTjvbSsho5GIEx/+X6b8BX:b3GL14h3rsHkyxbR9G5rDlVTjvbFhIEc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
738e0dcc0d1ad49dc32d3e45670a3557

Files

738e0dcc0d1ad49dc32d3e45670a3557
.exe windows:4 windows x86 arch:x86

61ecc3a03d1570fce7c57546b7a9cdb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsRectEmpty
SetRectEmpty
GetDC
FillRect
TranslateMessage
GetClientRect
PeekMessageW
DispatchMessageW
CopyRect
OffsetRect
wsprintfW
ReleaseDC
GetWindowRect

ole32

StringFromGUID2
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoInitialize

winmm

timeGetTime

kernel32

GetModuleFileNameW
LocalAlloc
SetFileAttributesW
GetFileAttributesA
CloseHandle
DeleteCriticalSection
QueryPerformanceCounter
WaitNamedPipeA
FindFirstFileW
CreateFileA
DeleteFileW
SetFileAttributesA
InterlockedIncrement
InterlockedDecrement
GetProcessAffinityMask
WideCharToMultiByte
CopyFileA
InterlockedExchange
GetCurrentThreadId
OutputDebugStringW
GetACP
MulDiv
FreeLibrary
ReadFile
LeaveCriticalSection
FindNextFileW
GetCurrentProcessId
ReleaseMutex
GetTempPathA
CreateDirectoryA
GetModuleFileNameA
GetTickCount
RemoveDirectoryW
lstrlenW
CreateDirectoryW
EnumResourceTypesW
GetVersionExA
GetTempPathW
CreateMutexA
GetLastError
lstrlenA
ExitProcess
WaitForSingleObject
LocalFree
FindClose
EnterCriticalSection
DisableThreadLibraryCalls
GetSystemTime
DeleteFileA
MultiByteToWideChar
WriteFile
GetThreadLocale
GetProcAddress
SetFilePointer
GetTempFileNameA
OutputDebugStringA
GetVersionExW
Sleep
GetTempFileNameW
GetLocaleInfoA
LoadLibraryW
InitializeCriticalSection
GetSystemTimeAsFileTime

shell32

SHGetSpecialFolderPathA

shlwapi

PathCombineW
PathRenameExtensionW
PathAddBackslashW
PathAppendW
PathRemoveBackslashW
PathFileExistsW
PathIsDirectoryW
PathFileExistsA
PathRemoveFileSpecW

gdi32

GetDIBits
GetObjectType
SetBrushOrgEx
CreateCompatibleDC
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
SetBkColor
CreateDIBSection
BitBlt
StretchBlt
CreateDCW
DeleteDC
CreateBitmap
DeleteObject
GetObjectW
SetStretchBltMode

advapi32

RegCreateKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegQueryValueExW
RegSetValueW
RegDeleteKeyW
RegCreateKeyExA
RegDeleteKeyA

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61ecc3a03d1570fce7c57546b7a9cdb6

Headers

File Characteristics

Imports

user32

ole32

winmm

kernel32

shell32

shlwapi

gdi32

advapi32

avifil32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 67KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 67KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 380KB