3e884bfdeb12e9b6eb47b1e037161b526f293e0aa88120da7008cf3a86433be6

Sharing

Copy URL

Twitter E-mail

General

Target

3e884bfdeb12e9b6eb47b1e037161b526f293e0aa88120da7008cf3a86433be6
Size

405KB
MD5

add46c031aa28ba3422f91a7593da02c
SHA1

21924e93c7abb78fee6a305a2a29671a4d04f443
SHA256

3e884bfdeb12e9b6eb47b1e037161b526f293e0aa88120da7008cf3a86433be6
SHA512

ebb6eb0820c326b596b4720d70d38e47201ddb2acadf23bdbed84eb357c72b0b7f822cc551192e41299b048daa3b500cc71c61809525df5670f28c627c1835bc
SSDEEP

6144:rkOwWeAFtqjDXq6uPOyW3g2xk7RkAas7N3vfUKtiQ2bhW2rASH5y7XmG:4Ow7XqXPOqKAasRkKIRrRHEmG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e884bfdeb12e9b6eb47b1e037161b526f293e0aa88120da7008cf3a86433be6

Files

3e884bfdeb12e9b6eb47b1e037161b526f293e0aa88120da7008cf3a86433be6
.exe windows x86

35d68a875078a7b0b21e952a1fcad084

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptAcquireCertificatePrivateKey
CertSetCertificateContextProperty
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertCloseStore
PFXImportCertStore
CertOpenStore
CertDeleteCertificateFromStore
CertGetNameStringA
CertFreeCertificateContext
CertAddCertificateContextToStore
CertCreateCertificateContext

rpcrt4

UuidCreate
RpcStringFreeA
UuidToStringA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTickCount
HeapFree
HeapAlloc
GetConsoleCP
GetConsoleMode
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapReAlloc
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
GetFileType
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
SetStdHandle
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
CreateFileA
WriteFile
FileTimeToSystemTime
GetTempFileNameA
CloseHandle
GetTempPathA
SystemTimeToFileTime
GetLastError
FileTimeToLocalFileTime
GetSystemTime
GetFileSize
FindResourceA
LoadResource
WideCharToMultiByte
SizeofResource
ReadFile
MultiByteToWideChar
LockResource
GetVersion
CreateMutexA
ReleaseMutex
ExitProcess
InitializeCriticalSection
Sleep
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
LoadLibraryA
DeleteCriticalSection
GetVersionExA
FreeLibrary
GetCurrentProcess
VirtualQueryEx
GetSystemDirectoryA
GetModuleHandleA
SetLastError
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
GetModuleHandleW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetThreadLocale
GlobalFlags
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
lstrlenA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
SetHandleCount

user32

CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
TabbedTextOutA
GetMessageA
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
ReleaseDC
GetDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
CharUpperA
GetMessagePos
GetKeyState
SetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
GetMenu
OffsetRect
IntersectRect
GetWindowPlacement
GetMenuItemCount
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
GetMenuState
EnableMenuItem
CheckMenuItem
ReleaseCapture
SetCapture
DestroyWindow
GetClassNameA
RegisterClassExA
TrackPopupMenu
GetMenuItemID
KillTimer
DefWindowProcA
SystemParametersInfoA
DestroyMenu
LoadStringA
GetWindowThreadProcessId
UnregisterClassA
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
GetMessageTime
DrawTextA
EnableWindow
PostMessageA
SetFocus
PeekMessageA
MessageBoxA
SendMessageA
RegisterWindowMessageA
ModifyMenuA
UpdateWindow
IsWindowVisible
GetSystemMetrics
SetMenuDefaultItem
IsWindow
AppendMenuA
CreatePopupMenu
GetCursorPos
SetWindowPos
RedrawWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
GetClientRect
SetParent
DrawIcon
LoadIconA
LoadMenuA
SetForegroundWindow
GetSubMenu
IsIconic
SetActiveWindow
GetSystemMenu
InvalidateRect
GetWindowRect
GetWindow
GetWindowTextA
MapWindowPoints

gdi32

DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
SetMapMode
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
SaveDC
CreateRectRgnIndirect
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptExportKey
CryptDestroyKey
CryptGetUserKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueExA
RegCreateKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
PathIsUNCA

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoCreateInstance
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoUninitialize

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysStringLen

Sections

.text
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35d68a875078a7b0b21e952a1fcad084

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

rpcrt4

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 266KB - Virtual size: 266KB

.rdata Size: 66KB - Virtual size: 65KB

.data Size: 12KB - Virtual size: 37KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 40KB - Virtual size: 39KB

.text
Size: 266KB - Virtual size: 266KB

.rdata
Size: 66KB - Virtual size: 65KB

.data
Size: 12KB - Virtual size: 37KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 40KB - Virtual size: 39KB