c5c7dce65ba03b914eedb56479edb2ca

Sharing

Copy URL Twitter E-mail

General

Target

c5c7dce65ba03b914eedb56479edb2ca
Size

203KB
MD5

c5c7dce65ba03b914eedb56479edb2ca
SHA1

277ab1a962285bd4944a9b2fca0c605ba51912b1
SHA256

e671d451ba8f104f96cd966b0877575576dd605d593111a904ef09f4c7cd9aca
SHA512

d0262af7d3be8054fae6111359da4cd8a5ddc065fdd682bec7ee53bc5f391b4ae1d7b5ce968f84d87d061ef2ae3acc15bdef4615e494960989f8ade8bc1eb671
SSDEEP

3072:0WBwDPkoioahmX1Eoo8Rybj5Ecg4CC3bsxMG1LPi+Y4dS1X/ddSBh0EWY:M87hCETZ/bCC3wvY4dS1X/3rY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5c7dce65ba03b914eedb56479edb2ca

Files

c5c7dce65ba03b914eedb56479edb2ca
.exe windows:4 windows x86 arch:x86

4be2976f562b57ff649fcf237ab85a7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

comctl32

CreateToolbarEx

user32

CreateWindowExA
UpdateWindow
CallWindowProcA
IsWindow
GetMessageA
SubtractRect
ReleaseCapture
DispatchMessageA
MoveWindow
InvalidateRect
PeekMessageA
SetWindowLongA
BeginPaint
LoadIconA
GetClassLongA
wvsprintfA
EndPaint
DestroyWindow
SendMessageA
GetKeyState
SetFocus
LoadCursorA
GetClientRect
GetWindowLongA
OffsetRect
wsprintfA
ShowWindow
TranslateMessage
SetCursor
ScreenToClient
SetWindowTextA
MessageBoxA
GetFocus
RegisterClassA
GetWindowRect
DefWindowProcA
SetCapture

avifil32

AVIStreamWrite
AVIFileCreateStreamA
AVISaveOptions
AVIStreamInfoA
AVIFileGetStream
AVIStreamGetFrameOpen
AVIFileInit
AVIFileRelease
AVIStreamSetFormat
AVIStreamGetFrame
AVIFileOpenA
AVIStreamGetFrameClose
AVIStreamRelease
AVIMakeCompressedStream

kernel32

CreateFileA
lstrlenA
QueryDosDeviceW
DisableThreadLibraryCalls
MapViewOfFile
LocalAlloc
GetProcessId
LocalFree
UnmapViewOfFile
SetFilePointer
EnumResourceTypesA
ProcessIdToSessionId
GlobalAlloc
GlobalSize
ReadFile
GetFileSize
ExitProcess
CloseHandle
WriteFile
Sleep
CreateFileMappingA
GlobalFree

msvfw32

ICSendMessage
ICOpen
ICDecompress
ICClose

gdi32

SetDIBitsToDevice
SetStretchBltMode
SelectObject
CreateDIBSection
CreateCompatibleDC
BitBlt
StretchDIBits
SetDIBColorTable
FillRgn
GetStockObject
DeleteDC
DeleteObject
CreateRectRgn
CombineRgn
GetObjectA
GetCurrentObject
StretchBlt

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4be2976f562b57ff649fcf237ab85a7a

Headers

File Characteristics

Imports

avicap32

comctl32

user32

avifil32

kernel32

msvfw32

gdi32

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 77KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 80KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 77KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 80KB