ca9a1bf8e8a1a794fa8e905be44ad1a5

General

Target

ca9a1bf8e8a1a794fa8e905be44ad1a5
Size

4.2MB
MD5

ca9a1bf8e8a1a794fa8e905be44ad1a5
SHA1

c4704776e6ec8f162cba019a695e75696bb0d2ab
SHA256

a7f2022a914af43ccbf0e811cccf5b85e05c1ead46b9b9c769488fd391af527a
SHA512

56e5f00e514d6c0a90354cd1e8d53cd0b055cccaabb997b2a85aafb62d83c6fc87535c45b1c9f5bb60ed371e83fce52d4e2a891b313b7a79fcdad24ac7f756b5
SSDEEP

98304:l3Ka+9Klyg+OYPWgPsDLRyC3aRuz5NL0rW1J+MI/z8QQ0Jkz1/IB9B:pKWygHYOJBRqRuz+YJ+Msz8QQ8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/video-to-zune1a.exe

Files

ca9a1bf8e8a1a794fa8e905be44ad1a5
.rar
video-to-zune1a.exe
.exe windows:4 windows x86 arch:x86

ee31e1326561c4abbd0816f5b638e7ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
CloseHandle
WriteFile
GetTempPathA
GetSystemTime
lstrlenA
GetTempFileNameA
GetModuleFileNameA
CreateProcessA
GetStartupInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
CreateFileA
GetFileSize
GetLastError
GetModuleHandleA
WaitForSingleObject
DeleteFileA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers

user32

CreateDialogParamA
GetDlgItem
SendMessageA
UpdateWindow
DestroyWindow

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

ee31e1326561c4abbd0816f5b638e7ca

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 12KB - Virtual size: 8KB