3b82a7e99dc50843a57880e8d40c0cca1e1334be12dc89bd086c894f4dfe36c2

Sharing

Copy URL Twitter E-mail

General

Target

3b82a7e99dc50843a57880e8d40c0cca1e1334be12dc89bd086c894f4dfe36c2
Size

388KB
MD5

3796f23d5f8b68d768845e8ba3c35a8a
SHA1

845d9989e763f5019f2868ecbb122384f3177a82
SHA256

3b82a7e99dc50843a57880e8d40c0cca1e1334be12dc89bd086c894f4dfe36c2
SHA512

71953540ede304065550f208deabf53adf684f960517c3da46c6cb9ecaed5e4507e3df697a1aaf784f52c68f53f4c26a5c44fc2aacb7186a2aae1ff197ca0528
SSDEEP

6144:iMnRH+mXPFcu8A4NIkb1V0/0QZU86sAJvSv56ZCvr7d2TOG:TRWvA4zt8dWSIZQvdR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b82a7e99dc50843a57880e8d40c0cca1e1334be12dc89bd086c894f4dfe36c2

Files

3b82a7e99dc50843a57880e8d40c0cca1e1334be12dc89bd086c894f4dfe36c2
.exe windows x86

f13c21b1133f90139c4b69828e733d68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
OutputDebugStringW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ReadConsoleW
GetConsoleMode
SetFilePointerEx
SetFilePointer
GetFileType
LoadLibraryExW
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileW
GetConsoleCP
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetProcessHeap
HeapSize
GetModuleFileNameW
GetStdHandle
GetCurrentThreadId
SetLastError
GetCPInfo
GetOEMCP
IsValidCodePage
InterlockedIncrement
RtlUnwind
RaiseException
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
AreFileApisANSI
GetModuleHandleExW
InterlockedDecrement
HeapReAlloc
HeapFree
HeapAlloc
DecodePointer
EncodePointer
ExitProcess
GetACP
SetStdHandle
FlushFileBuffers
GetCurrentProcess
WriteConsoleW
EscapeCommFunction
GetOverlappedResult
WriteFile
GetCommMask
ExitThread
WaitForMultipleObjects
ClearCommError
WaitCommEvent
LeaveCriticalSection
PurgeComm
GetTickCount
SetCommState
BuildCommDCBA
GetCommState
SetCommMask
SetCommTimeouts
EnterCriticalSection
InitializeCriticalSection
CreateEventA
ResetEvent
SetEvent
Sleep
CreateThread
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetModuleHandleA
GetModuleFileNameA
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceA
GetLastError
IsDBCSLeadByte
WideCharToMultiByte
GetProcAddress
LoadLibraryA
MulDiv
MultiByteToWideChar
TerminateProcess
SetEndOfFile

user32

PtInRect
SetCursor
LoadCursorA
CharNextA
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetParent
ShowWindow
SendMessageA
GetCursorPos
ScreenToClient
SetWindowTextA
EnableWindow
GetWindowLongA
SetWindowLongA
SetFocus
GetClientRect
InvalidateRect
DefWindowProcA
GetWindowTextLengthA
GetWindowTextA
SetWindowRgn
IsZoomed
IsIconic
InflateRect
OffsetRect
MessageBoxA
CharPrevA
SetRect
DrawTextA
FillRect
ReleaseCapture
SetCapture
KillTimer
SetTimer
GetFocus
EndPaint
BeginPaint
GetUpdateRect
GetDC
ReleaseDC
DestroyWindow
IsRectEmpty
PostMessageA
GetPropA
SetPropA
CallWindowProcA
RegisterClassExA
GetClassInfoExA
RegisterClassA
GetWindowRect
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
GetWindow
IsWindow
CreateWindowExA
GetCaretPos
GetKeyState
GetSysColor
ClientToScreen
SetCaretPos
HideCaret
ShowCaret
CreateCaret
IntersectRect
SetWindowPos

gdi32

GetCharABCWidthsA
RoundRect
LineTo
MoveToEx
CreatePenIndirect
ExtTextOutA
SetBkColor
SetStretchBltMode
StretchBlt
CreateDIBSection
CombineRgn
CreateRoundRectRgn
ExtSelectClipRgn
GetClipBox
SelectClipRgn
GetTextExtentPoint32A
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleDC
DeleteDC
CreatePen
CreateFontIndirectA
GetStockObject
GetDeviceCaps
GetObjectA
CreateSolidBrush
SetTextColor
SetBkMode
DeleteObject
TextOutA
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

gdiplus

GdipDrawString
GdipFree
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdiplusShutdown
GdiplusStartup

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

comctl32

ord17
_TrackMouseEvent

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f13c21b1133f90139c4b69828e733d68

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

gdiplus

imm32

comctl32

Sections

.text Size: 286KB - Virtual size: 286KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 10KB - Virtual size: 17KB

.rsrc Size: 22KB - Virtual size: 24KB

.text
Size: 286KB - Virtual size: 286KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 10KB - Virtual size: 17KB

.rsrc
Size: 22KB - Virtual size: 24KB