34cbbc24f0ec1edffcf3dfb0b2d0f40a

General

Target

34cbbc24f0ec1edffcf3dfb0b2d0f40a
Size

245KB
MD5

34cbbc24f0ec1edffcf3dfb0b2d0f40a
SHA1

c9d22efcde8128900d660e8eb1ebe8b1d255d784
SHA256

43fbabcfeb8f5e59adf93a04b79dc624905459c122c63c73c0ac80bce924452e
SHA512

5ce50aaabf277da9b241321215de39240666700c3a4e76f72d452e45befa61b052c95cd6ce4efcacd3e75c37daa017158b7d4f091bf2ff6abe77e7a41ddce04d
SSDEEP

3072:CKLEaTssKLx0KcoXipK5/axE177+jaHldMSfj8xYiE2IumhdX0Q5HoKdHUjKVSvs:C+JKAKBaMS8Dj4XnIv0QHLsSV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34cbbc24f0ec1edffcf3dfb0b2d0f40a

Files

34cbbc24f0ec1edffcf3dfb0b2d0f40a
.exe windows:4 windows x86 arch:x86

9eedb28a527489f64f0ea9c847796d46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

FillRgn
GetAspectRatioFilterEx
CopyEnhMetaFileA
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
AddFontResourceA
CombineRgn
CreateDCW
CloseMetaFile
FrameRgn

advapi32

RegDeleteKeyA
OpenBackupEventLogA
RegOpenKeyExA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegisterEventSourceW
RegRestoreKeyA

shlwapi

StrCmpNIA
PathSetDlgItemPathW
StrIsIntlEqualA
StrToIntExW
SHRegCloseUSKey
SHDeleteValueA
PathIsRootW
PathIsSameRootA
PathIsContentTypeA
PathIsUNCServerShareA
StrCmpNA
PathRenameExtensionW
PathFindNextComponentA

kernel32

GetModuleHandleA
VirtualAllocEx
GetStdHandle
GetProcAddress
WriteProfileSectionA
GetPrivateProfileStructA
GetProfileSectionA
GetStartupInfoA

netapi32

Netbios
NetConfigGet
NetAuditWrite
NetErrorLogRead
NetFileEnum
NetGetAnyDCName
NetConnectionEnum
NetLocalGroupDelMembers
NetGroupAddUser
NetConfigSet
NetGetJoinableOUs
NetAuditRead

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
exit
_XcptFilter
_acmdln
_exit

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eedb28a527489f64f0ea9c847796d46

Headers

File Characteristics

Imports

gdi32

advapi32

shlwapi

kernel32

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 202KB - Virtual size: 567KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 202KB - Virtual size: 567KB

.rsrc
Size: 23KB - Virtual size: 23KB