3bbd86216258aff3d3274a631b778d70_exe32[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3bbd86216258aff3d3274a631b778d70_exe32.exe
Size

461KB
MD5

3bbd86216258aff3d3274a631b778d70
SHA1

884dfbfb81f13208ef0ce4601a49be2f625378e7
SHA256

574c160b13c0e9837b23e79e5319c8590f32d38ed134730c3b0059e0e46f6deb
SHA512

627c5830146b7f49a5cfa5771af95a5c6e54d172101a22296eb0d132dfe482476c86449fc67046d88f2bad9ca2a0f97d616a863395dcb5f147d4c70713d22120
SSDEEP

12288:RJpI1JBGXU/Ri8cqH5blCRuwhiNw4pYX:RJmJB0evXH5ZCAfhY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bbd86216258aff3d3274a631b778d70_exe32.exe

Files

3bbd86216258aff3d3274a631b778d70_exe32.exe
.exe windows:4 windows x86

7bcb0d5af5371fb57ff7d390631f6d01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColor
IsDialogMessageA
SetWindowPos
SetWindowPlacement
OpenIcon
EndDeferWindowPos
EnumChildWindows
AdjustWindowRectEx

ole32

CLSIDFromProgID
OleCreateEmbeddingHelper
GetHGlobalFromStream
OleTranslateAccelerator
WriteClassStm
CoFreeAllLibraries
WriteClassStg
CoGetTreatAsClass

advapi32

RegCreateKeyA
DeregisterEventSource
ReportEventW
BackupEventLogA
AdjustTokenPrivileges
RegReplaceKeyA
RegNotifyChangeKeyValue
RegLoadKeyA
RegConnectRegistryA
RegCloseKey

urlmon

CreateFormatEnumerator
CreateAsyncBindCtx
IsAsyncMoniker

shlwapi

PathCompactPathExW
PathIsRootA
PathRemoveArgsW
SHRegDeleteUSValueA
StrCpyW
PathFileExistsA
PathParseIconLocationA
SHGetValueA
StrCSpnA

kernel32

WritePrivateProfileStructA
GetModuleHandleA
GetProcAddress
CreateSemaphoreA
SuspendThread
ResumeThread
TlsSetValue
VirtualAlloc
QueryPerformanceCounter
DeleteFileA
FreeEnvironmentStringsA
CloseHandle
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetLastError
ReadFile
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
HeapAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
RtlUnwind
WriteFile
CreateFileA
SetStdHandle
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
FlushFileBuffers
SetEndOfFile
LCMapStringA
LCMapStringW

msvfw32

DrawDibTime
GetOpenFileNamePreviewA
DrawDibGetPalette

avifil32

AVISaveOptionsFree
AVIStreamGetFrameClose
AVIStreamInfoA

avicap32

capCreateCaptureWindowW

uxtheme

SetWindowTheme

wsnmp32

ord400

comdlg32

GetSaveFileNameA
PrintDlgA
ReplaceTextW
GetFileTitleW
FindTextW
GetOpenFileNameA
PageSetupDlgA
FindTextA
CommDlgExtendedError
ReplaceTextA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bcb0d5af5371fb57ff7d390631f6d01

Headers

File Characteristics

Imports

user32

ole32

advapi32

urlmon

shlwapi

kernel32

msvfw32

avifil32

avicap32

uxtheme

wsnmp32

comdlg32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 544KB

.rsrc Size: 405KB - Virtual size: 404KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 544KB

.rsrc
Size: 405KB - Virtual size: 404KB

.reloc
Size: 6KB - Virtual size: 6KB