3844aebcb96aa3288f9a67aa1871a6ce

Sharing

Copy URL Twitter E-mail

General

Target

3844aebcb96aa3288f9a67aa1871a6ce
Size

101KB
MD5

3844aebcb96aa3288f9a67aa1871a6ce
SHA1

c74397a7136a43811f05eb6f8cd577497dcf79a1
SHA256

55f71cc008ea2908a08db70328867339f0e6a55b3992eaa4ddcfd141d59e339d
SHA512

41836fcfd7d6c99cf24afb1d30568b65563b9d6ebb780364a6146730e39bb839aab76e1114797abe09e9791c1e39ac3f666c32b314e671af89c13f4731a32245
SSDEEP

1536:GCiuy6TLGM67goiX3q3eb4u/Y/MwSYd/4wOiOwdC8XwCRosZpmyhgoPU0ksLrQ7N:irqxTXa3d3916LxwT1oUpJ57kMyHnt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/040253F5FF91708D50A5203D166F580B.VIR

Files

3844aebcb96aa3288f9a67aa1871a6ce
.zip
040253F5FF91708D50A5203D166F580B.VIR
.exe windows:4 windows x86 arch:x86

4c1ca7fc217190edd2f906491b79874b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleFileNameA
GetCommandLineA
GetDateFormatA
GetCommandLineA
HeapAlloc
GetCommandLineA
GetFileSize
GetCommandLineA
lstrcpynA
GetCommandLineA
lstrcmpiA
GetCommandLineA
lstrcatA
GetCommandLineA
GetModuleHandleA
GetCommandLineA

user32

InsertMenuA
AppendMenuA
IsMenu
DrawIcon
GetMenu
CalcMenuBar
CloseWindow
CreateIcon
GetFocus
GetDC
IsWindow
BlockInput
AlignRects
DialogBoxParamA
EndDialog
DrawTextA
CopyRect
GetCursor
AppendMenuW
DialogBoxParamW
CopyImage
LoadMenuA
GetWindowTextA
GetDlgItem
GetWindowTextLengthA
DrawTextW
CopyIcon
LoadCursorA
DrawIconEx

advapi32

RegLoadKeyW
RegReplaceKeyW
RegEnumValueW
RegDeleteValueA
RegQueryValueExA
RegQueryInfoKeyA
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
RegEnumKeyExA
RegDeleteValueW
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyExW
RegDeleteKeyW
RegGetKeySecurity
RegQueryValueA
RegCreateKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyA
RegReplaceKeyA
RegFlushKey
RegOpenKeyA
RegEnumKeyW
RegOpenKeyW
RegLoadKeyA
RegEnumKeyA
RegEnumValueA
RegFlushKey
RegCreateKeyW
RegQueryInfoKeyW
RegEnumKeyA
RegReplaceKeyA
RegDeleteKeyW
RegQueryValueA
RegQueryValueW
RegQueryValueExA
RegEnumValueW
RegOpenKeyExW
RegDeleteValueA
RegDeleteValueW
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyW
RegEnumKeyW
RegEnumKeyExW
RegCreateKeyExW
RegCreateKeyExA
RegDeleteKeyA
RegLoadKeyW
RegReplaceKeyW
RegQueryValueExW
RegLoadKeyA
RegGetKeySecurity
RegOpenKeyA
RegEnumValueA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r3a7a
Size: 6KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r21c
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c1ca7fc217190edd2f906491b79874b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 96KB - Virtual size: 96KB

.r3a7a Size: 6KB - Virtual size: 139KB

.reloc Size: 5KB - Virtual size: 6KB

.r21c Size: 1024B - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 96KB - Virtual size: 96KB

.r3a7a
Size: 6KB - Virtual size: 139KB

.reloc
Size: 5KB - Virtual size: 6KB

.r21c
Size: 1024B - Virtual size: 2KB