3eb76bf20c1a5e2f3650224293a63313

Sharing

Copy URL Twitter E-mail

General

Target

3eb76bf20c1a5e2f3650224293a63313
Size

181KB
MD5

3eb76bf20c1a5e2f3650224293a63313
SHA1

5aa8c940292d1e14edb23f1f9462037d2dd6cd03
SHA256

e36968bc3df5cd855bad5effe06239069d46119343803783591f5af9f6eed53e
SHA512

b873c48d688e59c4afb70376bbebea99dcb8be2893def0580ba76abeb98331fd039ae1a3ceb181e7c48c97965cd05f3f8e275569a08e8748f436117dbac352b4
SSDEEP

3072:772bxZGS8xY+8whw3x7YMKzd+r/ZgDmeE1oEr53nXU:ixZGS8DI7YDGgiHHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eb76bf20c1a5e2f3650224293a63313

Files

3eb76bf20c1a5e2f3650224293a63313
.exe windows:4 windows x86 arch:x86

fd798b1a2bc92e87e0ac559f21fac220

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
GetCPInfo
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
Module32FirstW
OpenProcess
GetCurrentProcess
RemoveDirectoryW
GetComputerNameW
GetExitCodeProcess
WaitForSingleObject
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetWindowsDirectoryW
GetDriveTypeA
SetFileTime
GetShortPathNameW
FindFirstFileW
FindNextFileW
FindClose
GetDiskFreeSpaceW
GetFileTime
SystemTimeToFileTime
MultiByteToWideChar
LoadLibraryW
GetProcAddress
SetErrorMode
GetTempPathW
SetCurrentDirectoryW
CreateDirectoryW
SetFileAttributesW
GetFileAttributesW
GetModuleFileNameW
CopyFileW
DeleteFileW
CreateFileW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
GetStartupInfoW
CreateProcessW
CreateMutexW
GetLastError
GetLogicalDriveStringsW
GetDriveTypeW
GetModuleFileNameA
GetFileAttributesA
CreateDirectoryA
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
GetSystemTime
CreateThread
TerminateThread
Sleep
WideCharToMultiByte
GetVolumeInformationW
CreatePipe
GetStartupInfoA
CreateProcessA
CloseHandle
ReadFile
TerminateProcess
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
SetLastError
lstrcpyW
InterlockedIncrement
InterlockedDecrement
lstrlenW
lstrlenA
lstrcpynW
FileTimeToSystemTime
FileTimeToLocalFileTime
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
LocalFree
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
ResumeThread
GetCurrentThreadId
GetModuleHandleW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcatW
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcessVersion
lstrcmpiW
lstrcmpW
GlobalFlags
GetCurrentDirectoryW
FlushFileBuffers
GetFullPathNameW
RtlUnwind
ExitProcess
ExitThread
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
GetTimeZoneInformation
HeapSize
HeapReAlloc
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle

user32

GrayStringW
DrawTextW
CreateWindowExW
UpdateWindow
SetTimer
GetDesktopWindow
LoadIconW
LoadCursorW
RegisterClassExW
FindWindowW
FindWindowExW
PostMessageW
GetMessageW
TranslateMessage
DispatchMessageW
wsprintfW
DefWindowProcW
LoadStringW
EnableWindow
MessageBoxW
SendMessageW
GetWindowLongW
IsWindowEnabled
GetLastActivePopup
GetParent
UnhookWindowsHookEx
SetWindowsHookExW
PeekMessageW
CallNextHookEx
GetKeyState
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
LoadBitmapW
GetMenuCheckMarkDimensions
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoW
RegisterWindowMessageW
SetWindowPos
SetWindowLongW
GetWindow
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropW
CallWindowProcW
GetPropW
SetPropW
DestroyWindow
GetDlgCtrlID
GetWindowTextW
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SetWindowTextW
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameW
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutW

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteA
SHChangeNotify

gdi32

Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegCloseKey
RegRestoreKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

ole32

CoInitialize
CoUninitialize
CoCreateInstance

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd798b1a2bc92e87e0ac559f21fac220

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

winspool.drv

advapi32

comctl32

ole32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 19KB - Virtual size: 37KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 19KB - Virtual size: 37KB

.rsrc
Size: 32KB - Virtual size: 32KB