13f18729446808071e658abd17aaa4ea74de7c36e8e90ef1d90f7e958c80d74c

Sharing

Copy URL Twitter E-mail

General

Target

13f18729446808071e658abd17aaa4ea74de7c36e8e90ef1d90f7e958c80d74c
Size

152KB
MD5

332a9a624e6d4612ecc6b1fe22a0ec1d
SHA1

d966f044b2b7ac3faa51722d78d0c2264966d87d
SHA256

13f18729446808071e658abd17aaa4ea74de7c36e8e90ef1d90f7e958c80d74c
SHA512

f5e74f4825620282bacf38da89685ab8ecac254a96790456daf49bdec7bf7b946b16cdf0fe6c0499a352826d6a22089a591b44e644654eaf57a993147c04a274
SSDEEP

1536:us5Due3KiXb747AwMcZ9N3bUR8AK4Zc/BMvTJFHhRW8chG0No:Vue6iXb7MAwBWRLKqcpiTJFHHW8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f18729446808071e658abd17aaa4ea74de7c36e8e90ef1d90f7e958c80d74c

Files

13f18729446808071e658abd17aaa4ea74de7c36e8e90ef1d90f7e958c80d74c
.exe windows:4 windows x86 arch:x86

0b4ccd2b9457bd1620abf33a3c650ab4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

d3d11

D3D11CreateDevice

d3d9

Direct3DCreate9

dxva2

DXVA2CreateDirect3DDeviceManager9

kernel32

CreateMutexA
DeleteFileW
EnterCriticalSection
ExitProcess
FindResourceA
GetConsoleMode
GetEnvironmentVariableA
GetExitCodeProcess
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessId
GetTempPathW
GetTickCount
HeapAlloc
HeapReAlloc
InitializeCriticalSection
IsBadStringPtrA
LeaveCriticalSection
LoadResource
LockResource
ReleaseMutex
SetConsoleMode
SetErrorMode
SetUnhandledExceptionFilter
SizeofResource
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject

mf

MFGetService

mfplat

MFCalculateImageSize
MFCreateAttributes
MFCreateEventQueue
MFCreateMediaType
MFCreateMemoryBuffer
MFCreatePresentationDescriptor
MFCreateSample
MFCreateStreamDescriptor
MFCreateTempFile
MFInitMediaTypeFromMFVideoFormat
MFShutdown
MFStartup
MFTRegisterLocal
MFTUnregisterLocal

mfreadwrite

MFCreateSinkWriterFromMediaSink
MFCreateSinkWriterFromURL
MFCreateSourceReaderFromByteStream
MFCreateSourceReaderFromMediaSource

msvcrt

__getmainargs
__iob_func
__set_app_type
_fileno
_get_osfhandle
_isatty
_strdup
_vsnprintf
atoi
calloc
exit
fflush
free
fwrite
getenv
memcmp
memmove
printf
puts
setvbuf
strchr
strcmp
strcspn
strlen
strncmp
strrchr
vprintf
wcscat

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
PropVariantClear

propsys

PropVariantCompareEx

user32

AdjustWindowRect
CreateWindowExA
DestroyWindow

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b4ccd2b9457bd1620abf33a3c650ab4

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

d3d9

dxva2

kernel32

mf

mfplat

mfreadwrite

msvcrt

ole32

propsys

user32

Sections

.text Size: 68KB - Virtual size: 65KB

.data Size: 4KB - Virtual size: 56B

.rodata Size: 4KB - Virtual size: 192B

.rdata Size: 32KB - Virtual size: 28KB

.eh_fram Size: 8KB - Virtual size: 4KB

.bss Size: - Virtual size: 128KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 65KB

.data
Size: 4KB - Virtual size: 56B

.rodata
Size: 4KB - Virtual size: 192B

.rdata
Size: 32KB - Virtual size: 28KB

.eh_fram
Size: 8KB - Virtual size: 4KB

.bss
Size: - Virtual size: 128KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 8KB - Virtual size: 5KB