3fd4ef8d33f61813ff5543df5fc2e290

Sharing

Copy URL Twitter E-mail

General

Target

3fd4ef8d33f61813ff5543df5fc2e290
Size

293KB
MD5

3fd4ef8d33f61813ff5543df5fc2e290
SHA1

c688ef2d07dc15330a0443264a714cf202fe9632
SHA256

75e3b681279ececbac372d7209c6e69194c8d511462ab015df0b69e14278e430
SHA512

3d82f0a2cceb13743a9fd60174870a80ea52402b13467364c7628c587f71b7f730f4c6a8642ed87b20e6dd80bc77d924f329f1e8e06d6bcbc15970a572acfe84
SSDEEP

6144:RINPE/Twqf3WboTeiZIjaUjkfgU/DkM8SiJB+aaQ7IGMnKuC5g40e+cB6UC9:SNPELwFli7ULU/DkVj+OQt40l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd4ef8d33f61813ff5543df5fc2e290

Files

3fd4ef8d33f61813ff5543df5fc2e290
.exe windows:7 windows x86 arch:x86

7412b2c7bef8f56dcfae451c023ed3f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

wcschr
wcscat
_c_exit
_initterm
wcsncpy
_ftol
_wcsicmp
_controlfp
wcscpy
memmove
__set_app_type
towlower
strtoul
_adjust_fdiv
free
_XcptFilter
_wcsnicmp
iswspace
wcslen
_cexit
wcsrchr
_wtoi
??2@YAPAXI@Z
__lconv_init
_mbschr
??3@YAXPAX@Z
_mbsrchr

setupapi

SetupCloseInfFile
SetupGetLineCountW
SetupFindNextLine
SetupOpenAppendInfFileW
SetupOpenInfFileW
SetupFindFirstLineW

advapi32

LookupPrivilegeValueW
RegEnumKeyExW
RegSetValueExW
RegQueryValueW
LookupAccountSidW
RegQueryValueExW
GetTokenInformation
EqualSid
RegOpenKeyExW
RegCloseKey

kernel32

GetModuleHandleA
LeaveCriticalSection
GetModuleFileNameW
SetFilePointer
CreateEventA
FindClose
CreateProcessW
DeviceIoControl
GetTempFileNameA
FreeLibrary
LocalFree
lstrlenA
LocalFree
CreateFileW
SetCurrentDirectoryW
QueryPerformanceCounter
VirtualAlloc
UnhandledExceptionFilter
DeleteCriticalSection
GetTickCount
LoadLibraryW
DebugBreak
FindFirstFileA
GetProcAddress
WideCharToMultiByte
CreateEventW
CopyFileW
ReadFile
VirtualFree
HeapAlloc
HeapFree
LoadLibraryExW
HeapAlloc
CreateThread
GetFileAttributesW
LocalAlloc
ExpandEnvironmentStringsW
CloseHandle
GetLastError
GetVersionExA
GetCurrentProcess
GetModuleHandleW
GetProcessHeap
SetErrorMode
RtlMoveMemory
GetCommState
GetCurrentProcessId
TerminateProcess
WaitForMultipleObjects
CreateFileA
DeleteFileA
GetEnvironmentStringsW
GetProcessHeap
lstrcatW
GetCurrentThreadId
HeapSize
MultiByteToWideChar
InitializeCriticalSection
GetDiskFreeSpaceW
SetLastError
IsDBCSLeadByte
CreateDirectoryA
ExitProcess
CreateMutexW
EnterCriticalSection
GetVersionExA

shlwapi

PathAppendW
StrCmpIW
StrCpyNW
StrDupW
StrChrIW
PathIsRootW
PathIsDirectoryW

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CLSIDFromString

shell32

SHGetMalloc
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation

user32

ScreenToClient
FindWindowW
DialogBoxParamW
MessageBoxA
IsWindow
SetWindowLongA
GetClientRect
GetDlgItem
MessageBoxW
GetDC
InvalidateRect
SendMessageW
LoadStringA
SetFocus
SetWindowLongW
CreateWindowExW
ShowWindow
LoadCursorW
ReleaseDC
RedrawWindow
SetWindowPos
PostQuitMessage
GetWindowLongW
SystemParametersInfoW
GetMessageW
LoadImageW
GetWindowRect
wsprintfW
SendDlgItemMessageW
TranslateMessage
DispatchMessageW
EnumThreadWindows
EndDialog
LoadStringW
CopyRect

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7412b2c7bef8f56dcfae451c023ed3f1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

setupapi

advapi32

kernel32

shlwapi

ole32

shell32

user32

Sections

.text Size: 244KB - Virtual size: 244KB

.data Size: 45KB - Virtual size: 44KB

.rsrc Size: 3KB - Virtual size: 692KB

.text
Size: 244KB - Virtual size: 244KB

.data
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 3KB - Virtual size: 692KB