3906bca59dfcacda52c1f31ed01a3930

Sharing

Copy URL Twitter E-mail

General

Target

3906bca59dfcacda52c1f31ed01a3930
Size

25KB
MD5

3906bca59dfcacda52c1f31ed01a3930
SHA1

9c47ed12b33b068377c4f58de201282efabcb816
SHA256

e6a1a519962c9517435b6fced620a0041779ae4e59c186f1acf7378eec301ed3
SHA512

45c8aabd3ad3d4d18625177e79a12134c1500087d4bf890697f51f4baa984a2dc9268f0aa63bbabd080d2cdeea87a424a4c29f9728f1c13e5a8238b8713f4493
SSDEEP

384:5xogh8Rb8zVDEzZFp8880EON088780b888/Q8488FI88OY288q2I83Sw88885TzO:hL+wBQCS2Tzz3iNIy53Q9nPVdHvE5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3906bca59dfcacda52c1f31ed01a3930

Files

3906bca59dfcacda52c1f31ed01a3930
.exe windows:4 windows x86 arch:x86

07bfc3cd66affdbbe9a2a3530284722e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtAllocateVirtualMemory
LdrLoadDll

powrprof

GetPwrCapabilities

mpr

WNetOpenEnumW

advapi32

RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExA

user32

LoadStringW
ShowWindow
SystemParametersInfoW
EndDialog
GetWindowRect
CharNextW
SendDlgItemMessageW
GetDlgItem
DestroyIcon
GetSystemMetrics
SetDlgItemTextW
CreateDialogParamW
SendMessageW
WinHelpW
DialogBoxParamW
CharNextA
SetWindowTextW
ScreenToClient
MoveWindow
RegisterDeviceNotificationW

kernel32

lstrcmpW
GetDateFormatW
GetProcAddress
MultiByteToWideChar
SetUnhandledExceptionFilter
FormatMessageW
GetLastError
UnhandledExceptionFilter
GetModuleFileNameW
TerminateProcess
lstrcatW
lstrlenW
GetModuleHandleW
GetLocaleInfoW
GetSystemPowerStatus
DeviceIoControl
InterlockedExchange
GetModuleHandleA
CreateFileW
LoadLibraryW
GetVersionExA
CloseHandle
LocalAlloc
DisableThreadLibraryCalls
LocalFree
GetCurrentProcess
lstrcpynW
lstrcpyW
GetWindowsDirectoryW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW

msvcrt

_except_handler3

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07bfc3cd66affdbbe9a2a3530284722e

Headers

File Characteristics

Imports

ntdll

powrprof

mpr

advapi32

user32

kernel32

setupapi

msvcrt

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 210B

.data Size: 10KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 20B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 210B

.data
Size: 10KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 20B

.rsrc
Size: 10KB - Virtual size: 10KB