autoplay[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

autoplay.exe
Size

176KB
MD5

5bcafcd18d4cdf5bba3aa063bc031d80
SHA1

381ddf5f8b0614cd7a1b8e58b85081a2b51a5654
SHA256

2caf36f34b301c57b0282114f4336695ae17fc0027bc5285c489468a601e7fcb
SHA512

d90d9a89930afff32fb4daf05e31bdd7738e7843ef8591d5053727dbb2ff107fe61b955d89973860a23341ad863c2181a795898ebfc01a4eb2b98f0b6a1a51c1
SSDEEP

3072:aMDyhBwdcY7mGarLMXNXPEv9t94Nos+gW2gOK:aMDSwGOtarNFr4bW2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
autoplay.exe

Files

autoplay.exe
.exe windows:4 windows x86 arch:x86

1f4fb107d531ff8dcb81f32e4b27e194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

GetCommandLineA
ExitProcess
TerminateProcess
HeapAlloc
RaiseException
GetACP
HeapReAlloc
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStartupInfoA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetProfileStringA
HeapFree
RtlUnwind
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
SizeofResource
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
SetLastError
LocalFree
lstrcatA
lstrcpyA
lstrcpynA
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
CloseHandle
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedDecrement
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetCurrentDirectoryA
GetEnvironmentStrings

user32

GrayStringA
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
RegisterClassA
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
AdjustWindowRectEx
GetSysColor
MapWindowPoints
InflateRect
GetClassNameA
LoadStringA
GetSysColorBrush
ScreenToClient
BringWindowToTop
IsIconic
EqualRect
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
LoadMenuA
DestroyMenu
IsWindow
GetDesktopWindow
GetWindow
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
DrawTextA
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
ShowOwnedPopups
wsprintfA
UnhookWindowsHookEx
PostQuitMessage
PostMessageA
CopyRect
GetCursorPos
PtInRect
KillTimer
GetWindowRect
GetParent
SetTimer
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
SetCursor
LoadCursorA
GetDC
ReleaseDC
InvalidateRect
GetClientRect
GetSystemMetrics
AdjustWindowRect
EnableWindow
LoadImageA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
SetFocus
ClientToScreen
SendMessageA
LoadIconA
UpdateWindow
IsWindowUnicode
CharNextA

gdi32

SaveDC
RestoreDC
SelectObject
GetStockObject
SelectPalette
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteDC
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
CreateBitmap
GetTextExtentPoint32A
RealizePalette
BitBlt
CreateFontIndirectA
GetObjectA
CreateHalftonePalette
CreateCompatibleDC
GetDIBColorTable
GetTextExtentPointA
CreateDIBitmap
CreatePalette

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA

shell32

DragQueryFileA
DragFinish
ShellExecuteA

comctl32

ord17

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f4fb107d531ff8dcb81f32e4b27e194

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 20KB - Virtual size: 17KB