3f081ec760c67085e92ebfad7f8cede0

Sharing

Copy URL Twitter E-mail

General

Target

3f081ec760c67085e92ebfad7f8cede0
Size

114KB
MD5

3f081ec760c67085e92ebfad7f8cede0
SHA1

c4729bcb38e98383f2baf211aad27f143e0bf288
SHA256

e83d5577d629a649799185a22fd5a95f9f7d6c31880e6da47a883804b165189e
SHA512

0c56583fc7e35dcc8e766e9eaa1c717a7be4a7cc885357d7d9ee48e59b3819ceaf839a4ab2b6f83fb737d739ec2fc4c17730e797d281c6858bc263b5f38e43e4
SSDEEP

1536:yqNRDsDN23iVTjk8u8ZHUbTD0cOm2fmxujoSX0vR/jcZpqbnDWh3Rq+:bN6YiVTjkTR2uxujoPSvzd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f081ec760c67085e92ebfad7f8cede0

Files

3f081ec760c67085e92ebfad7f8cede0
.exe windows:4 windows x86 arch:x86

5c4c416daccf7ca7fe4481dcece61232

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
Sleep
InterlockedExchange
CreateProcessA
OpenEventA
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
GetTickCount
CreateMutexA
lstrcmpiA
GetVersionExA
GetCurrentProcess
GetPrivateProfileStringA
SetPriorityClass
GetCommandLineA
lstrlenA
FreeLibrary
GetDiskFreeSpaceA
SetErrorMode
GetCurrentDirectoryA
GetCurrentThreadId
GetCurrentProcessId
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
CreateFileA
VirtualQuery
GetPrivateProfileIntA
UnmapViewOfFile
GetVersion
CreateFileMappingA
GetLastError
OpenFileMappingA
MapViewOfFile
LoadLibraryA
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetOEMCP
FlushFileBuffers
SetStdHandle
IsBadCodePtr
CloseHandle
MultiByteToWideChar
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
RtlUnwind
GetStartupInfoA
ExitProcess
HeapFree
TerminateProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCPInfo
GetACP
SetUnhandledExceptionFilter
GetEnvironmentStringsW
SetHandleCount
LCMapStringA
LCMapStringW
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

user32

PostQuitMessage
PostMessageA
IsWindow
LoadStringA
SetTimer
KillTimer
CloseDesktop
OpenDesktopA
SystemParametersInfoA
GetForegroundWindow
FindWindowA
SendMessageA
FindWindowExA
TranslateMessage
DispatchMessageA
RegisterClassExA
CreateWindowExA
DefWindowProcA
DialogBoxParamA
SetWindowTextA
GetDlgItem
SetWindowPos
GetWindowRect
GetSystemMetrics
MoveWindow
SetActiveWindow
EndDialog
GetMessageA
EnumChildWindows

gdi32

GetStockObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

comctl32

InitCommonControlsEx

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.+%
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5c4c416daccf7ca7fe4481dcece61232

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 36KB - Virtual size: 34KB

.+% Size: 2KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 36KB - Virtual size: 34KB

.+%
Size: 2KB - Virtual size: 2KB