03fbf7a8b093cbe32250a9f0f12b3b9d

General

Target

03fbf7a8b093cbe32250a9f0f12b3b9d
Size

134KB
MD5

03fbf7a8b093cbe32250a9f0f12b3b9d
SHA1

d578a6e4d57ec6ccec2ae3d092c548a7f2227d45
SHA256

35e6a7bf993f04ed570cef6df0504381f53cb1a7c64718b35d182d07157b3084
SHA512

fb534f692dac3017e9c7461fd0df682c224750fc6bfd87565946c489bc7991176881e9f7a0a3d12eae66f504501b8fb36d3e311327420c147c571073cce8835d
SSDEEP

3072:Q99KqY5H+kuLmiZbpl1evlIMA3g1UXsVVBcC6gpCtVkeGHlSk+:Q97YM+2LwNIEUXGjTpCDkeSlS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03fbf7a8b093cbe32250a9f0f12b3b9d

Files

03fbf7a8b093cbe32250a9f0f12b3b9d
.exe windows:5 windows x86 arch:x86

a36e2de8a583ed91845a4730d4538c7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_commit
_adjust_fdiv
__p__osver
__wgetmainargs
iswctype
sprintf
__p__fmode
_stat
_finite
__p__commode
atoi
__setusermatherr
_write
_ftol
malloc
srand
rand
_chsize
memmove
_purecall
_tell
calloc
_rotl
__set_app_type
wcsrchr
_local_unwind2

kernel32

lstrcmpA
InitializeCriticalSectionAndSpinCount
ExitProcess
GetACP
lstrcpynW
lstrcatA
RtlUnwind
lstrcmpiW
GetCurrentProcessId
GetCurrentThreadId
VirtualAlloc
LocalAlloc
UnhandledExceptionFilter
GlobalLock

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
CommandLineToArgvW
DragQueryFileW
SHChangeNotify
SHGetPathFromIDListA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteW
SHGetFileInfoW
DragQueryFileA
SHGetMalloc
SHBrowseForFolderW

ole32

CoTaskMemAlloc
StgCreateDocfileOnILockBytes
PropVariantCopy
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc
CreateILockBytesOnHGlobal
CLSIDFromString
OleInitialize
CoRevokeClassObject
CreateBindCtx

advapi32

DeleteAce
CryptCreateHash
CryptDestroyHash
RegDeleteValueW
GetTraceEnableLevel
GetAce
RegEnumKeyA
CopySid
GetAclInformation
ImpersonateLoggedOnUser
RegOpenKeyW
IsValidSid
InitializeAcl
GetSecurityDescriptorLength
RegQueryValueW
RegConnectRegistryW
RegEnumKeyExA
OpenSCManagerW

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 60KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36e2de8a583ed91845a4730d4538c7c

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

ole32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 65KB - Virtual size: 64KB

.data Size: 60KB - Virtual size: 189KB

.reloc Size: 512B - Virtual size: 496B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 65KB - Virtual size: 64KB

.data
Size: 60KB - Virtual size: 189KB

.reloc
Size: 512B - Virtual size: 496B