b8dfdd27f6b8c3dacaafdf0683047bcb

Sharing

Copy URL Twitter E-mail

General

Target

b8dfdd27f6b8c3dacaafdf0683047bcb
Size

163KB
MD5

b8dfdd27f6b8c3dacaafdf0683047bcb
SHA1

854d3fd99494fca95cf6cd307ec02f13c8af6a5d
SHA256

dd1bb8cfe19f9a849dffafb5ccf93a180f576db424b20f4bfd55e80c398b1188
SHA512

5a878fcf3cc5d60afd17d59213c6d9a5e7ddf35f153d70935f414325f373fba50580d58ec6f4ba180386e80d32f5c7f2d48d2bf8c0d4540f65fe41f335afb9a4
SSDEEP

3072:1P7nUWClqGMxh+h+fCQORDaZ5R+zLZRIkTV3Bybw5Fjf5qQ6aesCtBbIJ:N7nz5GaCRRGPoIkTBgs5Jf5AaesCt5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8dfdd27f6b8c3dacaafdf0683047bcb

Files

b8dfdd27f6b8c3dacaafdf0683047bcb
.exe windows:4 windows x86 arch:x86

38cd7e444abf4878dd5935a5730ce8c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchDIBits
GetObjectA
DeleteDC
CreateRectRgn
SetStretchBltMode
DeleteObject
GetCurrentObject
SelectObject
FillRgn
CreateCompatibleDC
CreateDIBSection
SetDIBitsToDevice
CombineRgn
GetStockObject
BitBlt
SetDIBColorTable
StretchBlt

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICDecompress
ICOpen
ICSendMessage
ICClose

user32

GetWindowRect
DestroyWindow
TranslateMessage
SubtractRect
GetClientRect
DefWindowProcA
LoadCursorA
SetCursor
SetWindowLongA
EndPaint
SendMessageA
BeginPaint
CallWindowProcA
GetMessageA
MessageBoxA
UpdateWindow
CreateWindowExA
PeekMessageA
IsWindow
ScreenToClient
GetWindowLongA
GetClassLongA
InvalidateRect
SetWindowTextA
GetFocus
LoadIconA
DispatchMessageA
RegisterClassA
OffsetRect
SetFocus
ReleaseCapture
ShowWindow
wsprintfA
wvsprintfA
MoveWindow
GetKeyState
SetCapture

comctl32

CreateToolbarEx

avifil32

AVIStreamGetFrame
AVIStreamRelease
AVIFileCreateStreamA
AVIStreamInfoA
AVIFileOpenA
AVIFileGetStream
AVISaveOptions
AVIFileRelease
AVIStreamWrite
AVIStreamGetFrameOpen
AVIStreamGetFrameClose
AVIStreamSetFormat
AVIFileInit
AVIMakeCompressedStream

kernel32

QueryDosDeviceW
CreateFileMappingA
LocalFree
lstrlenA
GetProcessId
ReadFile
LocalAlloc
CloseHandle
ProcessIdToSessionId
Sleep
GlobalSize
EnumResourceTypesA
SetFilePointer
MapViewOfFile
GlobalAlloc
GetFileSize
ExitProcess
WriteFile
CreateFileA
DisableThreadLibraryCalls
UnmapViewOfFile
GlobalFree

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38cd7e444abf4878dd5935a5730ce8c5

Headers

File Characteristics

Imports

gdi32

avicap32

msvfw32

user32

comctl32

avifil32

kernel32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 60KB - Virtual size: 60KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 60KB - Virtual size: 60KB

.tls
Size: 1024B - Virtual size: 92KB