3e8cb104086e3114a258c9ac1cce4837

Sharing

Copy URL Twitter E-mail

General

Target

3e8cb104086e3114a258c9ac1cce4837
Size

185KB
MD5

3e8cb104086e3114a258c9ac1cce4837
SHA1

6c6fb062c37ffdea51cb46342dc631fa19e0e471
SHA256

e503e4c0f26e51791759f293b657e22d8a90d757d26f1991fdf20fe151e1c975
SHA512

a4b0039bf480058c32ce4498a8ce495a45c473f24c8fbf7c2b796c68d02081251fad97aed86e1469105b0704f4fa85f099e51bc0408cc3006e53f1978850c271
SSDEEP

3072:Q72dJqx0hk/SrSYiZUWAlh38y2sbWQmuybHSXJW3x98tUJ:QizqxJmSYiZUWmh38zsqQmFJ98tUJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e8cb104086e3114a258c9ac1cce4837

Files

3e8cb104086e3114a258c9ac1cce4837
.exe windows:4 windows x86 arch:x86

516e41d98a13fe026f0d36689df1fbf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptImportKey
CryptHashData
CryptCreateHash
RegCloseKey
RegQueryValueExA
CryptGetHashParam
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
CryptDestroyKey
CryptEncrypt
RegSetValueExA
CryptDestroyHash
RegCreateKeyExA
RegDeleteValueA
CryptReleaseContext
CryptAcquireContextA
RegDeleteKeyA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

GetLongPathNameW
CreateFileW
CreateFileA
DisableThreadLibraryCalls
LocalFree
GetTickCount
SetFilePointer
GetProcessHandleCount
Sleep
CreateFileMappingA
ReadFile
GetFileSize
GlobalFree
EnumResourceTypesA
GlobalSize
GetFileAttributesA
WriteFile
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
LocalAlloc
GlobalAlloc
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

SetFocus
GetWindowTextA
GetDlgItem
GetWindowLongA
EndPaint
ReleaseCapture
DefWindowProcA
LoadCursorA
SetCapture
CreateAcceleratorTableA
FillRect
RegisterWindowMessageA
RegisterClassExA
GetWindow
GetFocus
KillTimer
IsWindow
GetSysColor
CharNextA
IsChild
MsgWaitForMultipleObjects
wsprintfA
BeginPaint
GetQueueStatus
ShowWindow
SendMessageTimeoutA
EnumDisplayDevicesA
PostMessageA
GetClassInfoExA
SendNotifyMessageA
FindWindowA
InvalidateRect
EqualRect
GetWindowTextLengthA
SetRect
SetWindowTextA
SetWindowLongA
GetActiveWindow
GetClientRect
wvsprintfA
RedrawWindow
DrawTextA
UnregisterClassA
GetWindowRect
GetParent
GetDesktopWindow
DispatchMessageA
SetTimer
GetClassNameA
ReleaseDC
DestroyAcceleratorTable
PeekMessageA
CreateDialogParamA
CopyRect
CallWindowProcA
GetDC
InvalidateRgn
SendMessageA
PostThreadMessageA
MoveWindow
CreateWindowExA
SetParent
DestroyWindow
SetWindowPos

gdi32

DeleteDC
CreateCompatibleBitmap
SelectPalette
GetStockObject
SetStretchBltMode
GetDIBits
CreateFontA
BitBlt
DeleteObject
CreateCompatibleDC
ExtEscape
CreateDIBitmap
CreateDIBSection
RealizePalette
SelectObject
StretchDIBits
CreateSolidBrush
GetDeviceCaps
GetObjectA
SetBkMode

shlwapi

PathFileExistsW
PathCombineW

ole32

BindMoniker
StgOpenStorage
CreateItemMoniker
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
OleInitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
StgCreateDocfile
CoTaskMemRealloc
OleUninitialize
GetRunningObjectTable
StgIsStorageFile
CoInitializeSecurity
CLSIDFromProgID
CoInitialize
CoSetProxyBlanket
CreateBindCtx
CoTaskMemAlloc
CLSIDFromString

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

516e41d98a13fe026f0d36689df1fbf7

Headers

File Characteristics

Imports

advapi32

wininet

setupapi

kernel32

shell32

user32

gdi32

shlwapi

ole32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: 74KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: 74KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 368KB