3ff1d5ea346d702ebd454d8f4e1600b0

Sharing

Copy URL Twitter E-mail

General

Target

3ff1d5ea346d702ebd454d8f4e1600b0
Size

44KB
MD5

3ff1d5ea346d702ebd454d8f4e1600b0
SHA1

9fe5b963a96dd9c430404084a89b94bfe8de971b
SHA256

bd2aef61047df3ca156f4d6841141a8c92fb9591632d490a3142150b742ab0ee
SHA512

80a483ca550dde5eb4efd3f2aa2605e7cf4202df48fce5bdb063b174c6e613ac49e7ac4c57560475b9aaa9ce7bb959b325dfa900c4ab802ede4533802b81bc20
SSDEEP

384:hiIpgmvDYmiQmZpirn2n26n/AAHalnL1iSrGvybdAA+kQvmcsKOHFhbTiM41bbU2:XpnreZYU0zjUzsKOHXTjMP5f5R+wCA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff1d5ea346d702ebd454d8f4e1600b0

Files

3ff1d5ea346d702ebd454d8f4e1600b0
.exe windows:5 windows x86 arch:x86

2fc0380d0f3da47b77661757d490b5cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
InterlockedDecrement
HeapDestroy
GetSystemTimeAsFileTime
LoadLibraryW
GetModuleHandleW
EnterCriticalSection
LocalAlloc
VirtualAlloc
LocalAlloc
VirtualProtect
GetModuleHandleW
LocalFree
GetTickCount
GetProcessHeap
LoadLibraryA
GetCurrentThreadId
GetModuleHandleW
QueryPerformanceCounter
LeaveCriticalSection
CreateFileW
GetVersionExA
LocalFree
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
VirtualProtect
HeapAlloc
CloseHandle
QueryPerformanceCounter
LeaveCriticalSection
FreeLibrary
GetCurrentThreadId
LocalAlloc
GetVersionExA
GetModuleHandleA
ReadFile
UnhandledExceptionFilter
InterlockedExchange
InterlockedIncrement
lstrcmpiW
HeapDestroy
DeleteCriticalSection
GetModuleHandleA
Sleep
GetLastError
GetModuleFileNameA
GetCurrentProcess
GetTickCount
FreeLibrary
GetProcessHeap
GetSystemTimeAsFileTime
CreateEventW
LoadLibraryA
VirtualProtect
UnhandledExceptionFilter
GetModuleHandleA
FreeLibrary
MultiByteToWideChar
CreateEventW
GetTickCount
LeaveCriticalSection
LocalAlloc
GetLastError
GetModuleFileNameW
CreateThread
Sleep
CreateEventW
InterlockedExchange
InterlockedExchange
LoadLibraryW
LocalAlloc
GetCurrentThreadId
VirtualProtect
InterlockedDecrement
GetCurrentProcess
GetProcAddress
GetProcAddress
GetVersionExA
Sleep
LoadLibraryW
InterlockedIncrement
CreateThread
CloseHandle
GetCurrentThreadId
GetProcAddress
lstrlenA
lstrcmpiW
LocalFree
InterlockedDecrement
ReadFile
CreateFileW
GetSystemTimeAsFileTime
VirtualProtect
InterlockedExchange
GetModuleFileNameA
QueryPerformanceCounter
LoadLibraryA
CreateFileW
DeleteCriticalSection
GetModuleHandleA
LocalAlloc
InterlockedDecrement
GetModuleFileNameA
DeleteCriticalSection

user32

EndDialog
EndDialog
SetForegroundWindow
LoadStringW
SendMessageW
GetClientRect
wsprintfA
GetFocus
ShowWindow
GetParent
PostMessageW
SetCursor
DialogBoxParamW
GetFocus
SendDlgItemMessageW
DestroyWindow
BeginPaint
KillTimer
SetFocus
IsDlgButtonChecked
wsprintfA
MessageBoxW
SetWindowPos
SetTimer
IsDlgButtonChecked
GetDC
LoadIconW
GetDesktopWindow
GetDC
MessageBoxW
GetDC
EndPaint
SetTimer
InvalidateRect
SetWindowLongW
SetWindowTextW
CharNextW
GetDlgItem
PostMessageW
SetCursor
GetDlgItem
SetWindowTextW
LoadIconW
DestroyWindow
SetTimer
ShowWindow
SetWindowLongW
LoadStringW
PostMessageW
KillTimer
GetParent
GetSysColor
EndDialog
wsprintfA
LoadCursorW
CreateWindowExW
ReleaseDC
LoadIconW
PostQuitMessage
wsprintfA
GetClientRect
IsDlgButtonChecked
GetClientRect
SetDlgItemTextW
DialogBoxParamW
EnableWindow
LoadCursorW
GetWindowRect
SendMessageW
SendDlgItemMessageW
SetWindowLongW
SendMessageW
LoadIconW
ReleaseDC
LoadIconW
IsWindow
ShowWindow
GetClientRect
GetClientRect
SetWindowLongW
LoadStringW
GetFocus
GetFocus
LoadIconW
SetWindowLongW
PeekMessageW
GetDC
CharNextW
ShowWindow
GetSysColor
EndDialog
GetDesktopWindow
IsDlgButtonChecked
BeginPaint
ShowWindow
DefWindowProcW
SetCursor
PostQuitMessage
GetParent
GetSysColor
GetWindowRect

Sections

.text
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fc0380d0f3da47b77661757d490b5cb

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 34KB - Virtual size: 36KB

.data Size: - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 36KB

.data
Size: - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 4KB