33839378c2e7d9d7389f59b4ec7259b6

General

Target

33839378c2e7d9d7389f59b4ec7259b6
Size

270KB
MD5

33839378c2e7d9d7389f59b4ec7259b6
SHA1

4f09a1d7c231ed9e4500e6ae47664331d35a6f91
SHA256

f0e7b3877666f3bbfdac4dc42d4bf7507a90d88bfdec1b47cb04151ce55dc029
SHA512

a69a3d4319e58f6071bd02e2066fc6d8d3e7334f63e285b83dc8a3213087398f014741a1fcb8104c9106e258a98aee347a5996c94fe425912a5c7d5dea84a88f
SSDEEP

6144:q7chyTTTWcvX2WcN7E1PrLEc1js20n7tIs2MS8TYoCh:q7zTKMX2Wk7mrDsh7tIs2KMoC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33839378c2e7d9d7389f59b4ec7259b6

Files

33839378c2e7d9d7389f59b4ec7259b6
.exe windows:4 windows x86 arch:x86

a13bfb7730df0f3062836895f50c9dcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

DestroyWindow
CreateWindowExW
IsWindow
EnumChildWindows
GetDlgItem
SendMessageA
GetWindowThreadProcessId

kernel32

TlsFree
AddAtomA
GetSystemInfo
VirtualAlloc
SetLastError
GetOEMCP
GetModuleFileNameA
VirtualFree
GetStartupInfoA
GetFileType
GetCurrentProcess
TlsSetValue
InterlockedExchange
HeapCreate
TlsGetValue
GetCPInfo
FreeEnvironmentStringsA
HeapSize
GetCurrentProcessId
GetEnvironmentStringsW
WriteFile
GetStdHandle
EnumResourceLanguagesA
SetHandleCount
GetVersionExA
IsBadWritePtr
GetEnvironmentStrings
FormatMessageW
GetSystemTimeAsFileTime
TerminateProcess
HeapDestroy
GetACP
UnhandledExceptionFilter
VirtualQuery
SetEndOfFile
FreeEnvironmentStringsW
TlsAlloc
GetLocaleInfoA
QueryPerformanceCounter
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 137KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a13bfb7730df0f3062836895f50c9dcd

Headers

File Characteristics

Imports

mprapi

setupapi

user32

kernel32

shell32

iphlpapi

newdev

Sections

.text Size: 137KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 129KB - Virtual size: 129KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 129KB - Virtual size: 129KB

.rsrc
Size: 512B - Virtual size: 4KB