7a373c8d836e20a6ff66fdc4c1bfae12

Sharing

Copy URL Twitter E-mail

General

Target

7a373c8d836e20a6ff66fdc4c1bfae12
Size

175KB
MD5

7a373c8d836e20a6ff66fdc4c1bfae12
SHA1

1ac53d0221e03a0b378ece0ab04a683b12f49729
SHA256

80f99ae0ecd0d1a0f0407e71f19dd96e076c9b6e8c660e44a0b8eee3baed0ca4
SHA512

4d0e5d655705a0706b8fca91f78476b7e4f913a03c248b05be2d89ffa93da52f3a21d66fab80b6a7b4ea69a89ad341e245a81d4f0130a3f495435c79b6e62df0
SSDEEP

3072:oeoVT7tPXWxqRvweraj6RHF0cKjPBrLXLTt4BAVOQasQn5:ofXtPmxqd566Rl0cIdvO+zQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a373c8d836e20a6ff66fdc4c1bfae12

Files

7a373c8d836e20a6ff66fdc4c1bfae12
.exe windows:4 windows x86 arch:x86

8177665806eb1bc96df52e46bcef996c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

WideCharToMultiByte
DeleteFileA
CreateMutexA
CreateFileA
DeleteFileW
CreateDirectoryA
InterlockedDecrement
GetTempFileNameW
LocalFree
GetLocaleInfoA
WaitForMultipleObjects
LocalAlloc
GetSystemTime
FreeLibrary
GetPriorityClass
CloseHandle
GetProcAddress
GetTempFileNameA
WaitForSingleObject
CreateDirectoryW
OutputDebugStringA
Sleep
InterlockedExchange
RemoveDirectoryW
InterlockedIncrement
GetCurrentThreadId
ReleaseMutex
InitializeCriticalSection
GetFileAttributesA
OutputDebugStringW
GetModuleFileNameA
SetFileAttributesW
LoadLibraryW
lstrlenA
GetVersionExW
GetTempPathA
GetLastError
EnumResourceTypesW
GetModuleFileNameW
ReadFile
ExitProcess
DeleteCriticalSection
GetVersionExA
MulDiv
FindFirstFileW
GetTempPathW
LeaveCriticalSection
FindNextFileW
WriteFile
lstrlenW
FindClose
DisableThreadLibraryCalls
EnterCriticalSection
SetFileAttributesA
GetACP
SetFilePointer
GetThreadLocale
CopyFileA
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
MultiByteToWideChar
GetSystemTimeAsFileTime

shlwapi

PathRenameExtensionW
PathAddBackslashW
PathFileExistsA
PathRemoveBackslashW
PathIsDirectoryW
PathCombineW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW

user32

IsRectEmpty
DispatchMessageW
GetClientRect
GetDC
CopyRect
PeekMessageW
wsprintfW
FillRect
ReleaseDC
TranslateMessage
OffsetRect
SetRectEmpty
GetWindowRect

ole32

CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
StringFromGUID2
CoInitialize

gdi32

CreateSolidBrush
SelectObject
SetBrushOrgEx
GetObjectType
GetDIBits
CreateBitmap
StretchBlt
DeleteDC
CreateCompatibleBitmap
CreateDCW
BitBlt
CreateDIBSection
CreateCompatibleDC
DeleteObject
SetBkColor
GetObjectW
SetStretchBltMode

winmm

timeGetTime

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExA
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegOpenKeyExA
RegSetValueW
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8177665806eb1bc96df52e46bcef996c

Headers

File Characteristics

Imports

avifil32

kernel32

shlwapi

user32

ole32

gdi32

winmm

advapi32

shell32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 68KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 376KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 68KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 376KB