c43f42e037d73467a89a1d548aaf219b

Sharing

Copy URL

Twitter E-mail

General

Target

c43f42e037d73467a89a1d548aaf219b
Size

182KB
MD5

c43f42e037d73467a89a1d548aaf219b
SHA1

a004b321f20bfad118a31d8e67da796431957fca
SHA256

ab3dedeaab2b53300976aa03ce39f4a87c20b1af03f4df3252d07209ff7e3ef4
SHA512

2d7d149a7db02e3c0dca35475921fdcfdbd359c7489920abfc98ed2362a6b89c83856a4e8fba7184fbd31e5088ed1816902d8d41f00101352a4a20d8bd238148
SSDEEP

3072:fAOPJyV3mr/OGDw//dQ/JqBlS3GMjeN9+4YBfCjVMg:o2JyV3wXEHdQRolS2Mjd4EfCj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c43f42e037d73467a89a1d548aaf219b

Files

c43f42e037d73467a89a1d548aaf219b
.exe windows:4 windows x86 arch:x86

89d750318ffa1cac313ac18070be85d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
PathRemoveBackslashW
PathAddBackslashW
PathAppendW
PathFileExistsW
PathIsDirectoryW
PathFileExistsA
PathRenameExtensionW
PathRemoveFileSpecW

shell32

SHGetSpecialFolderPathA

gdi32

CreateCompatibleBitmap
GetDIBits
CreateCompatibleDC
SetBkColor
GetObjectType
CreateBitmap
CreateSolidBrush
CreateDCW
SetBrushOrgEx
SelectObject
StretchBlt
GetObjectW
DeleteDC
CreateDIBSection
DeleteObject
BitBlt
SetStretchBltMode

kernel32

InterlockedIncrement
GetVersionExW
InterlockedDecrement
WaitForMultipleObjects
GetTempFileNameW
ReleaseMutex
GetLastError
OutputDebugStringA
GetTempPathA
DeleteFileW
lstrlenW
SetFilePointer
QueryPerformanceCounter
FreeLibrary
CloseHandle
GetFileAttributesA
LeaveCriticalSection
GetCurrentProcessId
RemoveDirectoryW
GetSystemTime
GetProcAddress
GetVersionExA
SetFileAttributesA
GetPriorityClass
InterlockedExchange
LocalFree
CreateFileA
lstrlenA
EnumResourceTypesW
CopyFileA
GetLocaleInfoA
CreateDirectoryA
ReadFile
LocalAlloc
LoadLibraryW
GetTempFileNameA
WideCharToMultiByte
MulDiv
OutputDebugStringW
DeleteCriticalSection
GetModuleFileNameA
FindNextFileW
SetFileAttributesW
GetACP
DisableThreadLibraryCalls
GetTempPathW
FindClose
GetThreadLocale
ExitProcess
WriteFile
EnterCriticalSection
Sleep
GetCurrentThreadId
GetTickCount
GetModuleFileNameW
CreateDirectoryW
WaitForSingleObject
DeleteFileA
FindFirstFileW
MultiByteToWideChar
CreateMutexA
InitializeCriticalSection
GetSystemTimeAsFileTime

user32

GetClientRect
ReleaseDC
wsprintfW
TranslateMessage
SetRectEmpty
GetDC
CopyRect
PeekMessageW
OffsetRect
FillRect
DispatchMessageW
IsRectEmpty
GetWindowRect

avifil32

AVISaveOptions
AVIMakeCompressedStream

advapi32

RegCreateKeyW
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegSetValueW
RegQueryValueExW
RegCloseKey
RegDeleteKeyA

ole32

CoUninitialize
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries
CoInitialize

winmm

timeGetTime

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89d750318ffa1cac313ac18070be85d3

Headers

File Characteristics

Imports

shlwapi

shell32

gdi32

kernel32

user32

avifil32

advapi32

ole32

winmm

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 124KB