ab073bf253a907936d94f3a0dfa56a33

Sharing

Copy URL

Twitter E-mail

General

Target

ab073bf253a907936d94f3a0dfa56a33
Size

167KB
MD5

ab073bf253a907936d94f3a0dfa56a33
SHA1

8ef16584f24728f96a3fc23f8da67ab4e9fe323d
SHA256

e030de42157e65f7e981cd80586ceb09f1f146a23b90686e15ce9d772eff9b39
SHA512

a871cff186cc5842661db726d2dbbe90ddfc80b854dfd4a4fc2f31cb6f8f8df4d2a7820c7b804a1d762d52694cdb75f02fe75322308e9539ed3bae0c782382a3
SSDEEP

3072:OkzzcIrf6J/uSzUd4gh320sKg4Tc7b1WQVUyjmSIlwu9Wi0Z:jzvrf6J/lEFxfNc7b1VUySSIy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab073bf253a907936d94f3a0dfa56a33

Files

ab073bf253a907936d94f3a0dfa56a33
.exe windows:4 windows x86 arch:x86

d76e714757185a318f338f54a045682b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

gdi32

CreateCompatibleBitmap
SetBkColor
BitBlt
CreateDIBSection
StretchBlt
CreateCompatibleDC
SelectObject
GetObjectType
GetDIBits
CreateSolidBrush
GetObjectW
SetBrushOrgEx
DeleteDC
DeleteObject
CreateBitmap
CreateDCW
SetStretchBltMode

kernel32

Sleep
GetProcAddress
RemoveDirectoryW
FindClose
GetLastError
CreateMutexA
DeleteFileA
WaitForMultipleObjects
GetModuleFileNameW
InitializeCriticalSection
ReadFile
CreateDirectoryA
WideCharToMultiByte
GetTempFileNameW
GetPriorityClass
SetFileAttributesW
lstrlenW
GetVersionExW
LoadLibraryW
MulDiv
MultiByteToWideChar
FindNextFileW
GetTempFileNameA
CloseHandle
GetModuleFileNameA
OutputDebugStringW
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
GetLocaleInfoA
CreateFileA
FreeLibrary
LocalFree
GetSystemTime
InterlockedDecrement
EnumResourceTypesW
lstrlenA
FindFirstFileW
ExitProcess
GetThreadLocale
CreateDirectoryW
ReleaseMutex
GetCurrentProcessId
GetTempPathA
GetACP
EnterCriticalSection
LeaveCriticalSection
SetFileAttributesA
DisableThreadLibraryCalls
SetFilePointer
GetTempPathW
QueryPerformanceCounter
GetFileAttributesA
WaitForSingleObject
WriteFile
GetVersionExA
InterlockedIncrement
InterlockedExchange
LocalAlloc
DeleteFileW
GetTickCount
CopyFileA
GetSystemTimeAsFileTime

shlwapi

PathCombineW
PathAddBackslashW
PathAppendW
PathFileExistsW
PathRemoveBackslashW
PathFileExistsA
PathRenameExtensionW
PathIsDirectoryW
PathRemoveFileSpecW

shell32

SHGetSpecialFolderPathA

advapi32

RegQueryValueExA
RegSetValueW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyA

ole32

CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

OffsetRect
IsRectEmpty
GetDC
PeekMessageW
SetRectEmpty
wsprintfW
ReleaseDC
CopyRect
GetClientRect
FillRect
TranslateMessage
DispatchMessageW
GetWindowRect

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76e714757185a318f338f54a045682b

Headers

File Characteristics

Imports

winmm

gdi32

kernel32

shlwapi

shell32

advapi32

ole32

avifil32

user32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 104KB