998585aa950bf85e698f5e126761a8a3

General

Target

998585aa950bf85e698f5e126761a8a3
Size

174KB
MD5

998585aa950bf85e698f5e126761a8a3
SHA1

3a03f8551ba1519fdb75802d52be59efe923813b
SHA256

e876625ca9d9ab7b76c9eab2c5b63e6bf66905de898c942218b59e00dddc3fef
SHA512

87e44e13675dc3d396cac71366f4ada76cd759622467c2b3cac958acd1e35f968e0537fab5afb2b052d9307e471e33822750833bc085ac99eaccb93e77a09c65
SSDEEP

3072:tduktnexNogm7jmN2Bfhp3xP93fNmw5oT8ilkCKsn7Wz6:tdukpexNogm7jmsJp3ck8nl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
998585aa950bf85e698f5e126761a8a3

Files

998585aa950bf85e698f5e126761a8a3
.exe windows:4 windows x86 arch:x86

56e070c9d2d128403079a619cd6ac1a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

InterlockedIncrement
CreateFileA
OutputDebugStringA
GetTempFileNameA
GetShortPathNameA
GetSystemTime
SetFilePointer
GetLastError
MultiByteToWideChar
GetVersionExA
GetTempPathW
GetProcessAffinityMask
GetTickCount
GetTempPathA
LocalAlloc
LoadLibraryW
GetModuleFileNameA
CloseHandle
DisableThreadLibraryCalls
GetProcAddress
OutputDebugStringW
EnterCriticalSection
CreateMutexA
EnumResourceTypesW
SetFileAttributesW
LeaveCriticalSection
GetCurrentThreadId
ReadFile
InterlockedDecrement
WriteFile
CreateDirectoryA
ReleaseMutex
FreeLibrary
QueryPerformanceCounter
GetTempFileNameW
GetFileAttributesA
GetCurrentProcessId
CopyFileA
WideCharToMultiByte
lstrlenA
DeleteFileA
TerminateProcess
SetFileAttributesA
LocalFree
WaitForSingleObject
GetSystemTimeAsFileTime

user32

FillRect
PeekMessageW
IsRectEmpty
TranslateMessage
ReleaseDC
OffsetRect
CopyRect
GetClientRect
wsprintfW
DispatchMessageW
SetRectEmpty
GetDC
GetWindowRect

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56e070c9d2d128403079a619cd6ac1a6

Headers

File Characteristics

Imports

winmm

avifil32

kernel32

user32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 68KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 68KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 380KB