3564ec997cfeef6f3503c6617d3d15a7

Sharing

Copy URL Twitter E-mail

General

Target

3564ec997cfeef6f3503c6617d3d15a7
Size

200KB
MD5

3564ec997cfeef6f3503c6617d3d15a7
SHA1

311a896a87367d42e23b9789b1564e651d433c61
SHA256

e917bbd3049a87310456631773933bfd2d8ed22ae1fcca05bc12f2fd7854eb13
SHA512

1535c5767343b02de56f4b279aad796988c9a50273e2c85fc8d3fbe9b539c1473319a1804f42ceac57c7a4bafbbd64d1bd37e455b29a5dd2512906fab67795ac
SSDEEP

3072:M/XA8+LQCNilZJufLouygI6HLlkMftOLB0JjLONfRNDWswzcHtmFJW:M/Z+ECuZJTulyAtOCJOysdmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3564ec997cfeef6f3503c6617d3d15a7

Files

3564ec997cfeef6f3503c6617d3d15a7
.exe windows:4 windows x86 arch:x86

a07fb06533bb419b7b8c08712a8b819b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

InitializeCriticalSection
CloseHandle
WaitForMultipleObjects
SetEvent
CreateThread
WaitForSingleObject
ResetEvent
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CompareStringA
CompareStringW
lstrlenA
LocalFree
FormatMessageA
CreateDirectoryA
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
GetShortPathNameA
GetFullPathNameA
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
FindClose
FindFirstFileA
FindNextFileA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
SetFileTime
WriteFile
SetEndOfFile
CreateEventA
GetWindowsDirectoryA
LeaveCriticalSection
EnterCriticalSection
AreFileApisANSI
Sleep
CreateProcessA
SetCurrentDirectoryA
GetModuleFileNameA
GetCommandLineW
SetLastError
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
DeleteCriticalSection
TlsGetValue
GetCPInfo
IsBadCodePtr
GetACP
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetOEMCP
GetStdHandle
GetFileType
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount

user32

SendMessageA
DestroyWindow
MessageBoxA
PostMessageA
ShowWindow
GetDlgItem
SetTimer
SetWindowTextA
MessageBoxW
LoadStringA
CharPrevA
CharNextA
DialogBoxParamA
SetWindowLongA
GetWindowLongA
KillTimer
EndDialog

oleaut32

VariantClear
SysAllocString

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a07fb06533bb419b7b8c08712a8b819b

Headers

File Characteristics

Imports

comctl32

kernel32

user32

oleaut32

Sections

.text Size: 87KB - Virtual size: 87KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 87KB - Virtual size: 87KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 3KB - Virtual size: 2KB