3b02f6ea1026b80325277a785756ec8d

Sharing

Copy URL Twitter E-mail

General

Target

3b02f6ea1026b80325277a785756ec8d
Size

921KB
MD5

3b02f6ea1026b80325277a785756ec8d
SHA1

d8770fbac1b7535cc35185c9d5f018a75b0d3376
SHA256

77fe9e4e21cbba379d2d19ecc58f850d98680ddd2cb53b1ba55e0cd9edaa05a4
SHA512

7bc3d12c6cfdf179ff25b5b0b658a9f5b4148ba6c9928765fd1f6a787af73072936a04e7da87e5862ebd70a0896d3bca7d75f52ffa016bffb77a0f2af6b45b17
SSDEEP

24576:tfKRxNISe3qfJq7KTY0eKKrG/Yk37KbsqoZB:tfKn+xekrOlWE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b02f6ea1026b80325277a785756ec8d

Files

3b02f6ea1026b80325277a785756ec8d
.exe windows:4 windows x86 arch:x86

6e2e6a3b3d848a7e4ac8b60056cb76de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

LoadTypeLibEx
QueryPathOfRegTypeLi
VariantCopy
SafeArrayPutElement
VariantChangeType
SysAllocStringLen

user32

SetCaretBlinkTime
UnloadKeyboardLayout
GetUpdateRgn
LoadImageA
GetMonitorInfoW
SetWindowsHookExW
CharUpperW
GetWindowPlacement
CharUpperBuffW
BroadcastSystemMessageW
LoadKeyboardLayoutA
GetClientRect
GrayStringW
MenuItemFromPoint
OpenInputDesktop

advapi32

LookupPrivilegeValueA
RegSetValueW
RegEnumKeyExA
SetSecurityDescriptorSacl
GetSecurityDescriptorLength

ole32

CoLockObjectExternal
CoCreateInstanceEx

version

GetFileVersionInfoA

kernel32

GetHandleInformation
WriteConsoleOutputCharacterA
PrepareTape
DuplicateHandle
IsBadReadPtr
SetNamedPipeHandleState
EraseTape
GetShortPathNameW
ExitThread
ConnectNamedPipe
CreatePipe
LocalAlloc
EnumCalendarInfoA
MoveFileExA
RemoveDirectoryA
ReleaseMutex
PurgeComm
CreateDirectoryW
GetShortPathNameA
GlobalReAlloc
SetThreadAffinityMask
GetWindowsDirectoryA
_lread
GetTempPathW
SetVolumeLabelA
FindFirstFileA
SetFileAttributesA
ExitProcess
SetLastError
OpenMutexA
GetNumberFormatW
GetCommModemStatus
FindNextChangeNotification
lstrcpyA
SetFileTime
GetUserDefaultLCID
GetSystemDefaultLangID
SetThreadLocale
ReadFile
GlobalAddAtomA

msvcrt

localtime
_eof
fread
_wtoi
_wfsopen
_beginthread
_mbsnbcnt
fseek
wcstoul
_fsopen
wcscoll
fscanf
wcscat
strerror
perror
_strcmpi
_sleep
wcsncat
_i64tow
wcsncpy
_wmakepath
wctomb
vprintf
fwscanf
_mbsnbcat

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e2e6a3b3d848a7e4ac8b60056cb76de

Headers

File Characteristics

Imports

oleaut32

user32

advapi32

ole32

version

kernel32

msvcrt

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 612KB - Virtual size: 612KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 612KB - Virtual size: 612KB

.rsrc
Size: 17KB - Virtual size: 16KB