33a3d4755375fe9f4b559b5cd60a558a

Sharing

Copy URL Twitter E-mail

General

Target

33a3d4755375fe9f4b559b5cd60a558a
Size

101KB
MD5

33a3d4755375fe9f4b559b5cd60a558a
SHA1

bd37b8b2a2784332a577597f533a1e8bd60e3fc5
SHA256

511043541ea7ef7e4e74bfe20b02fbf7f1149dec7153b81ef2e23b8630d0eef5
SHA512

ae782444b7003068e28c4859875313952212ef4e3d8a4809d6a56100aa7bd28d1017a4da6e95bf71c2cd86a4123bb5a62f7e11b95f439ba23d7eeb21593e4bf0
SSDEEP

3072:vOh2sgO1XkhqGxPbbbZbbxbbFzF9DpiBG0d/Q:vOh2BO1XkQGHFriBG0dI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33a3d4755375fe9f4b559b5cd60a558a

Files

33a3d4755375fe9f4b559b5cd60a558a
.exe windows:4 windows x86 arch:x86

0fffbc36dae1b35b13b3d7bf300c42b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_vsnprintf
free
__p__commode
_except_handler3
_adjust_fdiv
exit
__set_app_type
strcpy
__p__fmode
fprintf
_iob
strlen
fclose
fflush
_acmdln
printf
strncpy
fopen
__getmainargs
__setusermatherr
fseek
_setmode
_onexit
fread
_strnicmp
malloc
strcmp
atoi
_XcptFilter
memcpy
fwrite
_exit
_initterm
remove

kernel32

WideCharToMultiByte
GetSystemTime
SetStdHandle
GetProcAddress
lstrcatA
LoadLibraryA
DisableThreadLibraryCalls
GetModuleHandleW
SetThreadLocale
IsBadCodePtr
InterlockedIncrement
TerminateProcess

advapi32

InitializeAcl
RegOpenKeyW
InitiateSystemShutdownA
OpenThreadToken
CryptAcquireContextA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA

oleaut32

VariantInit
SysReAllocStringLen
SetErrorInfo
SafeArrayGetElement
GetActiveObject
SysAllocStringByteLen
SafeArrayPtrOfIndex
VariantClear

user32

GetDesktopWindow
DrawMenuBar
IsWindowVisible
DrawFrameControl
ClientToScreen
FillRect
GetWindowPlacement
GetIconInfo
UnhookWindowsHookEx
WindowFromPoint
GetMessagePos
DialogBoxParamA

shell32

SHBrowseForFolderA
SHBrowseForFolder
DragQueryFile
SHGetMalloc
SHGetPathFromIDList
SHGetSpecialFolderPathW
DragAcceptFiles
SHGetFolderPathA
SHAppBarMessage
ShellExecuteEx
SHCreateDirectoryExA

ole32

CoRevokeClassObject
CoReleaseMarshalData
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
GetRunningObjectTable
StringFromCLSID

comctl32

CreatePropertySheetPageW
ImageList_Draw
ImageList_Destroy
ImageList_LoadImageW
ImageList_DragShowNolock

gdi32

CreateDCA
CreateCompatibleDC
PlayEnhMetaFile
FrameRgn
TranslateCharsetInfo
PtVisible
SetViewportOrgEx
GdiFlush
RectInRegion
CreatePenIndirect
GetWindowOrgEx
Arc
GetSystemPaletteEntries
UnrealizeObject

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fffbc36dae1b35b13b3d7bf300c42b4

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

oleaut32

user32

shell32

ole32

comctl32

gdi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 37KB - Virtual size: 63KB

.rsrc Size: 57KB - Virtual size: 56KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 37KB - Virtual size: 63KB

.rsrc
Size: 57KB - Virtual size: 56KB