3120c421db8a8d8b27ec173b9eb69530

Sharing

Copy URL Twitter E-mail

General

Target

3120c421db8a8d8b27ec173b9eb69530
Size

70KB
MD5

3120c421db8a8d8b27ec173b9eb69530
SHA1

55ce3afb0f803299dd6f4694ef93d8ce9926522b
SHA256

d479cba1e75696e57d867022694b79eeec04e05d9f2252cf3e5f3ec30b49db6a
SHA512

8487e6fe2acbf7c88cc93d6dbfd76cb82324a5723bcaeac3762bd56ed4f44e242533122e1d6b3e2250bdc598d15ea236ed52ffe7b1321f6d2a358394bbc74131
SSDEEP

1536:cqc4kws6oUdlQgcpik8/NJj4NbyqKn6buK/2lh8MuHDqwlY:cqVkVUDIqbj4Re6b3+h8MkqwlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3120c421db8a8d8b27ec173b9eb69530

Files

3120c421db8a8d8b27ec173b9eb69530
.exe windows:4 windows x86 arch:x86

3c969766c6e4cdef4d76df05d0351f40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
Shell_NotifyIconA
SHFileOperationA

comctl32

InitCommonControlsEx

ws2_32

WSAStartup
htons
inet_addr
gethostbyname
socket
connect
closesocket
WSACleanup

shlwapi

StrRChrA
StrCmpW
PathAppendA
PathRemoveFileSpecA
StrToIntA
StrStrA
StrFormatByteSizeA
StrChrA
PathCombineA

iphlpapi

GetAdaptersInfo

kernel32

QueryPerformanceCounter
GetStartupInfoA
GetCurrentThreadId
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetCurrentProcessId
VirtualQuery
GetProcessHeap
FreeResource
LocalAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetLastError
GetProcAddress
GetModuleHandleA
CloseHandle
CreateMutexA
lstrcmpiA
WideCharToMultiByte
ExitProcess
lstrlenA
Sleep
lstrcpyA
lstrcatA
GetCommandLineA
GetModuleFileNameA
GetFileAttributesA
SetErrorMode
SetUnhandledExceptionFilter
lstrcmpA
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryA
lstrcpynA
GetTempPathA
ReadFile
CreateFileA
WriteFile
GetFileSize
FlushFileBuffers
SetFilePointer
DeleteFileA
TerminateProcess
GetCurrentProcess
TerminateThread
WaitForSingleObject
CreateThread
GetExitCodeProcess
CreateProcessA
GetSystemTimeAsFileTime
GetStringTypeExA
MapViewOfFileEx
CreateFileMappingA
UnmapViewOfFile
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetSystemTime
GetPrivateProfileIntA
ResumeThread
SetEvent
GetVolumeInformationA
CreateEventA
RtlUnwind
MultiByteToWideChar
FreeLibrary
LoadLibraryA

user32

CreateDialogParamA
wsprintfA
KillTimer
SetTimer
DestroyWindow
SetDlgItemTextA
GetDlgItemTextA
SendMessageA
IsWindowVisible
GetDlgItem
SetWindowTextA
DeleteMenu
GetSystemMenu
SetForegroundWindow
IsWindow
LoadIconA
DefWindowProcA
PostQuitMessage
ShowWindow
DialogBoxParamA
LoadImageA
CharNextA
PostThreadMessageA
SetWindowPos
GetWindowTextLengthA
GetSysColor
UpdateWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
LoadStringA
LoadCursorA
GetSysColorBrush
RegisterClassExA
RegisterWindowMessageA
EndDialog
PostMessageA
PeekMessageA

advapi32

RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

ole32

CoUninitialize
CoGetClassObject
CoInitialize

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newsec
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c969766c6e4cdef4d76df05d0351f40

Headers

File Characteristics

Imports

shfolder

shell32

comctl32

ws2_32

shlwapi

iphlpapi

kernel32

user32

advapi32

ole32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 10KB

.rsrc Size: 24KB - Virtual size: 23KB

.newsec Size: 3KB - Virtual size: 6KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 10KB

.rsrc
Size: 24KB - Virtual size: 23KB

.newsec
Size: 3KB - Virtual size: 6KB