MDE_File_Sample_1bc4de31f06ecb48844ddc9bcf28f750313d64d3[.]zip

General

Target

MDE_File_Sample_1bc4de31f06ecb48844ddc9bcf28f750313d64d3.zip
Size

4KB
MD5

8229231c8ad5ccf28c3dd45d9f338e7c
SHA1

b82707b811857eed4b407b65efb98c4d4096319b
SHA256

95461e58c9574a63bdada92b1523885d3e7de368ab834dacdadf0b749cd7aa51
SHA512

41f1bdf7b8e1d2c5340ab98171121088e95e15c4edf5abcd023e583bf26b623b2d92bd08c495c38bed03ebf2ea6223f6b30424fb23e7bbeebe1d4b2c46402a32
SSDEEP

96:Kw5+y1SVjR9DhaOto2bZHZths7suQDbGlvqYGz247R:VDSNhaOtoiZHZjsKD6B9Gzt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PlayMedia.exe

Files

MDE_File_Sample_1bc4de31f06ecb48844ddc9bcf28f750313d64d3.zip
.zip

Password: unzip_me
PlayMedia.exe
.exe windows:4 windows x86 arch:x86

Password: unzip_me

df7d3d8822b9134cf56db3aa5dfc582a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

MCIWndCreateA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
??3@YAXPAX@Z
_setmbcp

mfc42

ord2621
ord4376
ord6215
ord2379
ord4710
ord1768
ord4234
ord324
ord1168
ord1146
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord641
ord2514
ord1576
ord1134
ord5265
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597

kernel32

GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
SetErrorMode
CloseHandle
CreateMutexA
GetLastError
OutputDebugStringA

user32

MoveWindow
GetClientRect
EnableWindow
SetTimer
LoadIconA
SendMessageA
UpdateWindow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: unzip_me

Password: unzip_me

df7d3d8822b9134cf56db3aa5dfc582a

Headers

File Characteristics

Imports

msvfw32

msvcrt

mfc42

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 576B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 576B

.rsrc
Size: 4KB - Virtual size: 1KB