7a32b7070063a25f08a55040d4ff4ca5

General

Target

7a32b7070063a25f08a55040d4ff4ca5
Size

175KB
MD5

7a32b7070063a25f08a55040d4ff4ca5
SHA1

e32f03819afccd61304b79b6edf4643b10a0ca7b
SHA256

d430b095283c877f1228c939bd70aa8a9c93a133b24e619bb1ffc273ef00bb66
SHA512

c5da645eae5e5aab078c88320c0782766dde4b2aae647c14dcf6608e6ff3f1ec08ac62343ab79de92042e31909ace97140ee43b358f3e6d16ea929015365e8a8
SSDEEP

3072:f8Geg8Qx4zeqirjg19cJylXud5zoFVKUDuennJMXcyrI7l1OLbt:Ggz4N1uJ2+kKUaemM0vt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a32b7070063a25f08a55040d4ff4ca5

Files

7a32b7070063a25f08a55040d4ff4ca5
.exe windows:4 windows x86 arch:x86

e656f8bf1e7e4f86cb18feebb4a67d4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

GetTempPathA
CloseHandle
EnterCriticalSection
CopyFileA
WriteFile
LocalAlloc
LocalFree
GetShortPathNameA
MultiByteToWideChar
DeleteFileA
GetProcessAffinityMask
GetModuleFileNameA
OutputDebugStringA
InterlockedDecrement
GetCurrentProcessId
ReadFile
WideCharToMultiByte
OutputDebugStringW
GetCurrentThreadId
TerminateProcess
EnumResourceTypesW
GetProcAddress
CreateDirectoryA
SetFileAttributesW
GetTickCount
LoadLibraryW
CreateFileA
GetTempPathW
GetLastError
GetTempFileNameW
LeaveCriticalSection
GetFileAttributesA
WaitForSingleObject
GetSystemTime
ReleaseMutex
CreateMutexA
SetFileAttributesA
QueryPerformanceCounter
DisableThreadLibraryCalls
GetTempFileNameA
GetVersionExA
InterlockedIncrement
SetFilePointer
lstrlenA
FreeLibrary
GetSystemTimeAsFileTime

user32

GetClientRect
TranslateMessage
SetRectEmpty
wsprintfW
IsRectEmpty
DispatchMessageW
FillRect
ReleaseDC
GetDC
PeekMessageW
CopyRect
OffsetRect
GetWindowRect

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e656f8bf1e7e4f86cb18feebb4a67d4c

Headers

File Characteristics

Imports

winmm

avifil32

kernel32

user32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 67KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 67KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 252KB