b3d87650f240236ceaeae5b3ab198607f7054bd6ca4cf54bd9586abf227b19ae

Sharing

Copy URL Twitter E-mail

General

Target

b3d87650f240236ceaeae5b3ab198607f7054bd6ca4cf54bd9586abf227b19ae
Size

408KB
MD5

ef47d3ef7b41e16bf2e714600a5852ac
SHA1

c0fffd2c171223044387fc60b94c62b6b21c01c1
SHA256

b3d87650f240236ceaeae5b3ab198607f7054bd6ca4cf54bd9586abf227b19ae
SHA512

f1e94d6cebaafce7a6c98cead2d54eeb9829350f5f60c7c807b308fb7e929a9877f7b6dc7c8a436a87625a954a2aa3c7979fb36f9bbdd80145c111a6151db500
SSDEEP

6144:hplzLxRpLAYbNhGnxyvKjzVYbNhGnxyvKjzlIBw6+5MMW:hnbxbNhGnxyijzmbNhGnxyijzqC6+5bW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3d87650f240236ceaeae5b3ab198607f7054bd6ca4cf54bd9586abf227b19ae

Files

b3d87650f240236ceaeae5b3ab198607f7054bd6ca4cf54bd9586abf227b19ae
.exe windows:5 windows x86

6d9f44dcb2a710699d3425a1cf85a441

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW

kernel32

CreateProcessW
HeapAlloc
SetUnhandledExceptionFilter
GetCurrentProcess
HeapFree
GetModuleHandleW
GetProcessHeap
InitializeCriticalSection
Thread32First
ReadProcessMemory
TerminateProcess
Thread32Next
GetModuleFileNameW
GetProcAddress
EnterCriticalSection
VirtualAllocEx
OpenThread
CreateEventW
WaitForMultipleObjects
CreateToolhelp32Snapshot
GetCurrentThreadId
DuplicateHandle
CloseHandle
GetCurrentProcessId
WriteProcessMemory
SuspendThread
GetLastError
GetLongPathNameW
SetErrorMode
LoadLibraryW
WaitForSingleObject
OpenMutexW
SetLastError
WriteConsoleW
SetStdHandle
LCMapStringW
MultiByteToWideChar
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
RtlUnwind
LeaveCriticalSection
HeapReAlloc
IsValidCodePage
SearchPathW
GetCommandLineW
FlushFileBuffers
CreateFileW
FreeLibrary
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapSize
ExitProcess
RaiseException
WriteFile
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount

user32

LoadAcceleratorsW
DispatchMessageW
EndPaint
DestroyWindow
SetTimer
GetMessageW
PostQuitMessage
DialogBoxParamW
LoadCursorW
DefWindowProcW
TranslateMessage
BeginPaint
RegisterClassExW
LoadIconW
EndDialog
LoadStringW
ShowWindow
CreateWindowExW
UpdateWindow

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

PathFileExistsW

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d9f44dcb2a710699d3425a1cf85a441

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

advapi32

version

shlwapi

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 272KB - Virtual size: 271KB

.reloc Size: 70KB - Virtual size: 72KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 272KB - Virtual size: 271KB

.reloc
Size: 70KB - Virtual size: 72KB