ff00e50250ebcb62c6ba23fdcf4db82e70917b9dccfc630234d7052497dd8937

Sharing

Copy URL

Twitter E-mail

General

Target

ff00e50250ebcb62c6ba23fdcf4db82e70917b9dccfc630234d7052497dd8937
Size

276KB
MD5

17218aea8fd3d84d8f4f7b5e8f18c6bd
SHA1

4c6732a8397d0dba81a571b42220cfc20f998c5e
SHA256

ff00e50250ebcb62c6ba23fdcf4db82e70917b9dccfc630234d7052497dd8937
SHA512

b88ef32378983396dfd783c605059390fd564fef120a93a659c6ec47ef8faabc1507a4bebcde161ed18051e9481fd727a685b95c4897bfa17595c8500648769f
SSDEEP

3072:uHRgAE0ZZX0fY4YuRncPtWE03SRf/ex2Z5bN6WeF/wgrmj8FUho/+PVXlPke+rSk:7OZHHb1G23yYx8g195+rSW8OYYjS4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff00e50250ebcb62c6ba23fdcf4db82e70917b9dccfc630234d7052497dd8937

Files

ff00e50250ebcb62c6ba23fdcf4db82e70917b9dccfc630234d7052497dd8937
.exe windows:4 windows x86 arch:x86

2ccb70a7477fb72737c59514ff4fdbc3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Diphso\FotoMorph\FMPlayer\Release\FMPlayer.pdb

Imports

opengl32

glFlush
wglGetCurrentDC
glViewport
glMatrixMode
glLoadIdentity
glAreTexturesResident
glDeleteTextures
wglCreateContext
glShadeModel
glClearDepth
glDepthFunc
glHint
glGenTextures
glTexParameteri
glTexImage2D
wglMakeCurrent
glClearColor
glColor3f
glClear
glFinish
glEnable
glColor4f
glDisable
glBindTexture
glTexSubImage2D
glBlendFunc
glBegin
glTexCoord2f
glVertex3f
glEnd
wglDeleteContext

glu32

gluOrtho2D

kernel32

GetCurrentProcess
CreateFileA
SetErrorMode
SetEndOfFile
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
CloseHandle
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcmpW
GetModuleHandleA
GetProcAddress
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
lstrcatA
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetOEMCP

user32

GetMenuItemInfoA
InflateRect
GetSysColorBrush
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageA
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
SendMessageA
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetClassNameA
KillTimer
SetTimer
LoadIconA
GetWindowRect
GetSystemMetrics
MessageBoxA
SetClassLongA
LoadBitmapA
UpdateWindow
DrawTextA
wsprintfA
GetDC
ReleaseDC
LoadCursorA
EnableWindow
InvalidateRect
GetClientRect
LoadImageA
UnregisterClassA
GetTopWindow

gdi32

GetClipBox
SetBkColor
CreateBitmap
SaveDC
CreatePatternBrush
CreateCompatibleBitmap
CreateFontIndirectA
GetTextExtentPoint32A
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
SwapBuffers
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetPixelFormat
GetDeviceCaps
CreateSolidBrush
GetStockObject
SetBkMode
SetTextColor
CreateFontA
CreateDIBSection
BitBlt
GetPixel
DeleteObject
GetObjectA
SelectObject
DeleteDC
CreateCompatibleDC
TextOutA
RectVisible
PtVisible
SetMapMode
RestoreDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantInit
VariantClear
VariantChangeType

gdiplus

GdiplusShutdown

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ccb70a7477fb72737c59514ff4fdbc3

Headers

File Characteristics

PDB Paths

Imports

opengl32

glu32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

gdiplus

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 8KB - Virtual size: 85KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 8KB - Virtual size: 85KB

.rsrc
Size: 60KB - Virtual size: 57KB