72bb90ed4e26643d74f64234ae9639489f181efca5bcebef7a932551e4a215e4

Sharing

Copy URL Twitter E-mail

General

Target

72bb90ed4e26643d74f64234ae9639489f181efca5bcebef7a932551e4a215e4
Size

521KB
MD5

3a6d6a24b543a46b45c481a5bddd9592
SHA1

c55bbde3d7f7b3bc3c7ba34cfb4cc85c1aa5ae3a
SHA256

72bb90ed4e26643d74f64234ae9639489f181efca5bcebef7a932551e4a215e4
SHA512

8620139134cab00c4e9a69a2b127c7e3cd458f404441396b24dccccc08380af4fc303d03fc1ed3f77bdb3004d2d2760cf374d12345cd97c02066186875e47aa5
SSDEEP

12288:GPO35HGFgoIwRBqizktJdvyaInoXCGPY5:WO35HGFrIwRBAtfFLO5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72bb90ed4e26643d74f64234ae9639489f181efca5bcebef7a932551e4a215e4

Files

72bb90ed4e26643d74f64234ae9639489f181efca5bcebef7a932551e4a215e4
.exe windows:4 windows x86 arch:x86

1bbd6f4a9b55b521d55d6ba79fbeb0c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessW
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetEnvironmentVariableW
GetExitCodeProcess
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__getmainargs
__initenv
__lconv_init
__mb_cur_max
__p___argv
__p__acmdln
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_initterm
_iob
_lock
_onexit
_unlock
_wgetenv
abort
atoi
calloc
exit
fprintf
fputc
free
fwrite
getc
getenv
isalpha
islower
isspace
isupper
isxdigit
localeconv
malloc
mbstowcs
memcpy
memmove
memset
perror
realloc
setbuf
setlocale
signal
strchr
strcmp
strcpy
strerror
strlen
strncmp
strrchr
strtol
strtoul
tolower
ungetc
vfprintf
wcslen
wcstombs
_wstat
_strdup

ws2_32

WSACleanup
WSAStartup
accept
bind
closesocket
connect
htonl
htons
listen
recv
send
setsockopt
shutdown
socket

sdl2

SDL_AddEventWatch
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_CreateCond
SDL_CreateMutex
SDL_CreateRGBSurfaceFrom
SDL_CreateRenderer
SDL_CreateTexture
SDL_CreateThread
SDL_CreateWindow
SDL_Delay
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroyRenderer
SDL_DestroyTexture
SDL_DestroyWindow
SDL_DisableScreenSaver
SDL_EnableScreenSaver
SDL_FreeSurface
SDL_GL_BindTexture
SDL_GL_GetDrawableSize
SDL_GL_GetProcAddress
SDL_GL_UnbindTexture
SDL_GetClipboardText
SDL_GetDisplayUsableBounds
SDL_GetError
SDL_GetModState
SDL_GetMouseState
SDL_GetRendererInfo
SDL_GetTicks
SDL_GetWindowPosition
SDL_GetWindowSize
SDL_HideWindow
SDL_Init
SDL_LockMutex
SDL_LogCritical
SDL_LogDebug
SDL_LogError
SDL_LogGetPriority
SDL_LogInfo
SDL_LogMessageV
SDL_LogSetPriority
SDL_LogVerbose
SDL_LogWarn
SDL_PushEvent
SDL_Quit
SDL_RenderClear
SDL_RenderCopy
SDL_RenderCopyEx
SDL_RenderPresent
SDL_RestoreWindow
SDL_SetClipboardText
SDL_SetHint
SDL_SetWindowFullscreen
SDL_SetWindowIcon
SDL_SetWindowPosition
SDL_SetWindowSize
SDL_ShowWindow
SDL_ThreadID
SDL_UnlockMutex
SDL_UpdateYUVTexture
SDL_WaitEvent
SDL_WaitThread
SDL_free
SDL_malloc

avutil-56

av_dict_set
av_frame_alloc
av_frame_free
av_frame_move_ref
av_frame_ref
av_frame_unref
av_log_set_callback
av_malloc

avformat-58

av_muxer_iterate
av_write_frame
av_write_trailer
avformat_alloc_context
avformat_free_context
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_write_header
avio_close
avio_open

avcodec-58

av_grow_packet
av_new_packet
av_packet_alloc
av_packet_free
av_packet_ref
av_packet_rescale_ts
av_packet_unref
av_parser_close
av_parser_init
av_parser_parse2
avcodec_alloc_context3
avcodec_close
avcodec_find_decoder
avcodec_free_context
avcodec_open2
avcodec_receive_frame
avcodec_send_packet

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 518KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bbd6f4a9b55b521d55d6ba79fbeb0c2

Headers

File Characteristics

Imports

kernel32

msvcrt

ws2_32

sdl2

avutil-56

avformat-58

avcodec-58

Sections

.text Size: 101KB - Virtual size: 101KB

.data Size: 512B - Virtual size: 476B

.rdata Size: 24KB - Virtual size: 24KB

/4 Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 518KB

.idata Size: 6KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

/14 Size: 2KB - Virtual size: 1KB

/29 Size: 106KB - Virtual size: 105KB

/41 Size: 19KB - Virtual size: 18KB

/55 Size: 58KB - Virtual size: 58KB

/67 Size: 7KB - Virtual size: 7KB

/80 Size: 2KB - Virtual size: 2KB

/91 Size: 101KB - Virtual size: 100KB

/102 Size: 4KB - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 101KB

.data
Size: 512B - Virtual size: 476B

.rdata
Size: 24KB - Virtual size: 24KB

/4
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 518KB

.idata
Size: 6KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

/14
Size: 2KB - Virtual size: 1KB

/29
Size: 106KB - Virtual size: 105KB

/41
Size: 19KB - Virtual size: 18KB

/55
Size: 58KB - Virtual size: 58KB

/67
Size: 7KB - Virtual size: 7KB

/80
Size: 2KB - Virtual size: 2KB

/91
Size: 101KB - Virtual size: 100KB

/102
Size: 4KB - Virtual size: 4KB