3ef8f218dc7ad7516e50f46690b6e6bd

Sharing

Copy URL

Twitter E-mail

General

Target

3ef8f218dc7ad7516e50f46690b6e6bd
Size

40KB
MD5

3ef8f218dc7ad7516e50f46690b6e6bd
SHA1

c10b9c7f59bf29bf5002c27afdbfd6b7b922d6c2
SHA256

bbe0ba2ff15e27ae13af01dd8fe38c3d551f702e29c603bb93628044e7bf9dce
SHA512

701e5c4e255f7f02485e810d7c7e582268e265602f3daaa7820180e55d396a39b1cc6af8a6a24cda0c05b6f56991541b4de1213d1641ed0e698521db784e66af
SSDEEP

768:xPGdKOTb6xzYoQW/dHY+cKMpfDbOL3Kac:xPGdKO/6x8oQOd4+cKMpfDb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ef8f218dc7ad7516e50f46690b6e6bd

Files

3ef8f218dc7ad7516e50f46690b6e6bd
.exe windows:4 windows x86 arch:x86

090d71ce8ef0ce3af1563041823a3118

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateFileA
GetVolumeInformationA
GetProcAddress
LoadLibraryA
SetFileAttributesA
MultiByteToWideChar
lstrlenA
WriteFile
lstrcmpiA
GetTempPathA
lstrcmpA
WaitForSingleObject
ResetEvent
GetTickCount
CreateEventA
WideCharToMultiByte
ReadFile
DeleteFileA
GetCurrentThreadId
GetModuleFileNameA
ExpandEnvironmentStringsA
Sleep
CopyFileA
GetLastError
GetStartupInfoA
GetModuleHandleA
CloseHandle
FindFirstFileA
FindClose
lstrlenW
FindNextFileA

shell32

CommandLineToArgvW

shlwapi

StrStrA
StrTrimA
StrPBrkA

iphlpapi

GetAdaptersInfo

msvcp60

?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Xran@std@@YAXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

ole32

CoInitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString

msvcrt

__CxxFrameHandler
_wcsupr
_strdup
_stricmp
_strlwr
_strupr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
sprintf
strncat
strncpy
free
strstr
malloc
sscanf
atoi
strchr
fclose
??2@YAPAXI@Z
fopen
fprintf
time
strtok
exit
fwrite
fputs
rand
fread
ftell
fseek
memmove

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

090d71ce8ef0ce3af1563041823a3118

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

iphlpapi

msvcp60

ole32

oleaut32

msvcrt

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB