3c313b32363c6d818889a0a114dd612f

Sharing

Copy URL

Twitter E-mail

General

Target

3c313b32363c6d818889a0a114dd612f
Size

4.0MB
MD5

3c313b32363c6d818889a0a114dd612f
SHA1

46b7b3f53f2ce6279febcef27e33e89452da40b6
SHA256

49b36f7f0dcc7830efe5595d7eb8688efdc7af3b8d734272038c9e7570806ea1
SHA512

0d5febadfe4e9ec2f7b1701fda9b067027d5dc25bb220975e3211734fc2bd5888778a2df1f2850aa9af3ff6994be7f12c120b34d3161a26ed0e384abcba8b7e4
SSDEEP

98304:bZSAU52/ToHhsGVOMurwtgMX3tPcGTtpr:bZgM/TizHrNtpr

Score

1^/10

Malware Config

Signatures

Files

3c313b32363c6d818889a0a114dd612f
.exe windows x86

3b9c426a6fdec2cb62dc7c138a0d2616

Code Sign

4d:6f:af:e4:6c:d1:42:2f:8c:a9:ed:51:93:bc:9f:32
Certificate

Issuer

POSTALCODE=10004

Not Before

21/02/2023, 10:14

Not After

21/02/2024, 10:14

Subject

POSTALCODE=10004

be:58:ff:15:f8:11:70:f8:67:74:95:7f:98:f0:77:e7:25:c4:b2:4f:f3:01:75:62:35:f8:57:94:ab:66:8d:d0
Signer

Actual PE Digest

be:58:ff:15:f8:11:70:f8:67:74:95:7f:98:f0:77:e7:25:c4:b2:4f:f3:01:75:62:35:f8:57:94:ab:66:8d:d0

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

POSTALCODE=10004

16/03/2023, 15:35
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetWindowsDirectoryA
FindFirstVolumeMountPointW
FindFirstChangeNotificationA
WaitForSingleObject
ReadConsoleInputW
VerifyVersionInfoA
GetVersionExA
GetCurrentProcess
OpenEventA
CreateFileMappingW
SetLocaleInfoW
GetProcAddress
GlobalAlloc
GetConsoleTitleW
DeleteFileA
FindResourceW
GetLongPathNameA
GetBinaryTypeA
SetLastError
GetProfileSectionA
WriteProfileStringW
GetComputerNameExW
GetConsoleMode
WriteProfileSectionW
SetVolumeMountPointA
EnumResourceLanguagesA
CommConfigDialogA
EnumDateFormatsA
DeleteVolumeMountPointA
GetModuleHandleA
ZombifyActCtx
WritePrivateProfileStringW
GetSystemDirectoryA
GetStringTypeW
GetShortPathNameW
EnumCalendarInfoA
VerifyVersionInfoW
EnumCalendarInfoW
FindNextFileW
ReleaseActCtx
BuildCommDCBAndTimeoutsA
GetCurrentActCtx
FindFirstFileW
WriteConsoleW
GetConsoleAliasA
LoadLibraryA
HeapReAlloc
MultiByteToWideChar
RaiseException
RtlUnwind
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
IsProcessorFeaturePresent
HeapAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
InterlockedDecrement
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
HeapSize
SetStdHandle
WideCharToMultiByte
GetConsoleCP
FlushFileBuffers
LoadLibraryW
LCMapStringW
SetFilePointer

user32

LoadMenuA
GetMessagePos

advapi32

RevertToSelf

shell32

FindExecutableW

ole32

CoGetInstanceFromFile

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3.9MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b9c426a6fdec2cb62dc7c138a0d2616

Code Sign

4d:6f:af:e4:6c:d1:42:2f:8c:a9:ed:51:93:bc:9f:32Certificate

be:58:ff:15:f8:11:70:f8:67:74:95:7f:98:f0:77:e7:25:c4:b2:4f:f3:01:75:62:35:f8:57:94:ab:66:8d:d0Signer

Signature Validations

Verification

16/03/2023, 15:35 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 3.9MB - Virtual size: 5.2MB

.rsrc Size: 9KB - Virtual size: 3.3MB

4d:6f:af:e4:6c:d1:42:2f:8c:a9:ed:51:93:bc:9f:32
Certificate

be:58:ff:15:f8:11:70:f8:67:74:95:7f:98:f0:77:e7:25:c4:b2:4f:f3:01:75:62:35:f8:57:94:ab:66:8d:d0
Signer

16/03/2023, 15:35
Valid: false

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 3.9MB - Virtual size: 5.2MB

.rsrc
Size: 9KB - Virtual size: 3.3MB