3988386d84cc53c2e30f9d08aaf40f8b

Sharing

Copy URL

Twitter E-mail

General

Target

3988386d84cc53c2e30f9d08aaf40f8b
Size

771KB
MD5

3988386d84cc53c2e30f9d08aaf40f8b
SHA1

f2768b47cc57470f8a70a6be5d812b54d6da1c28
SHA256

7151f88f77eadd4a18cbd7890bb7c4de4bc32d55efc6a9b2d61e243457abbd66
SHA512

7bd1ea57ad9771cca3accbbb326471a9a4e759d841581af7d642c494d1e8bdf195ff63ed81325ca9e4664780a3b5cc999015968776ec075f41a83684643d9f69
SSDEEP

24576:xMlD5zQnyuPrY44yOsL7qGarCzWR5tjSjoMg2fIzItVGXa:xMlD5zQnyuPrY44yOsL7qGarCzWR5tqb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3988386d84cc53c2e30f9d08aaf40f8b

Files

3988386d84cc53c2e30f9d08aaf40f8b
.exe windows:5 windows x86 arch:x86

583a56cc26f1ec06b2be17b02d6ae694

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconW
GetNextDlgTabItem
DestroyIcon
EnableWindow
GetSystemMetrics
GetActiveWindow
EndDeferWindowPos
ModifyMenuW
GetDialogBaseUnits
EnableMenuItem
SetWindowTextW
GetKeyState
SetCursor
GetPropW
ShowOwnedPopups

advapi32

CryptSetHashParam
RegOpenKeyExA
SetSecurityDescriptorSacl
CryptDestroyHash
InitializeSecurityDescriptor
CryptReleaseContext
RegEnumKeyExW
RegEnumValueA
RegSetValueExW
CryptGetProvParam
CryptCreateHash
OpenServiceW
CryptVerifySignatureA
InitializeAcl
SetSecurityDescriptorDacl
FreeSid
RegQueryValueExW

version

GetFileVersionInfoSizeA

comctl32

ImageList_Draw
PropertySheetW
CreatePropertySheetPageW
CreateToolbarEx
InitCommonControlsEx
ImageList_Destroy
ImageList_GetIconSize

gdi32

CreateFontIndirectW
RestoreDC
SetViewportOrgEx
StartDocW
SetTextJustification
SetWindowExtEx
SetRectRgn
PatBlt
OffsetViewportOrgEx
CreateSolidBrush
IntersectClipRect
PlayMetaFileRecord
SetROP2
SetBkColor
GetObjectW
SelectClipRgn
SetPolyFillMode
CreateRectRgn
PtVisible
SetMapperFlags
BitBlt
CreatePatternBrush
DPtoLP

msvcrt

strtoul
atol
wcslen
wcschr
_ultoa
_onexit
strncpy
memmove
_wcsicmp
bsearch
isupper
wcscat
strncmp
isdigit
malloc
isxdigit
_except_handler3
free
_initterm
_ltow
_adjust_fdiv
wcscpy
sprintf
_ltoa
qsort
_wcsnicmp
__dllonexit
_itow

crypt32

CertOpenStore
CryptUnprotectData
CertFindCertificateInStore
CertCloseStore
CertFreeCertificateContext

kernel32

MoveFileW
ExitThread
GlobalUnlock
GetPrivateProfileIntW
UnhandledExceptionFilter
SetFilePointer
CompareStringA
DeleteFileW
GetDriveTypeW
EnterCriticalSection
GetCommandLineW
DuplicateHandle
Sleep
GetOEMCP
LockResource
FreeResource
GetCurrentProcessId
LocalReAlloc
GetVersion
GetCurrentThreadId
WideCharToMultiByte
GetPrivateProfileStringW
LockFile
SetUnhandledExceptionFilter
ConvertDefaultLocale
CreateFileW
GetCommandLineA
InitializeCriticalSection
GetModuleFileNameW
CopyFileW
GetFullPathNameW
GetEnvironmentStrings
GetProcessHeap
GetModuleHandleA
GetCurrentThread
GetStringTypeExW
GetFileSize
HeapReAlloc
GetCurrentProcess
FindResourceW
lstrlenA
GetCurrentDirectoryA
FlushFileBuffers
SetCurrentDirectoryA
GetStdHandle
lstrlenW
LeaveCriticalSection
GlobalFlags
GetThreadLocale
SizeofResource
GlobalGetAtomNameW
GlobalReAlloc
GetCPInfo
GetVolumeInformationW
UnlockFile
CreateProcessW
GetFileAttributesA
HeapSize
WritePrivateProfileStringW
lstrcpyA
LocalFileTimeToFileTime
SystemTimeToFileTime
WriteFile
RtlUnwind
LCMapStringA
IsValidCodePage
SetFileTime
ExitProcess
GlobalAddAtomW
CloseHandle
SetEndOfFile
SetHandleCount
GlobalLock
LCMapStringW
HeapFree
SetThreadPriority
lstrcmpA
LocalAlloc
HeapCreate
LoadLibraryA
TlsAlloc
CreateEventW
IsDebuggerPresent
HeapAlloc
FindClose
GlobalFindAtomW
FileTimeToSystemTime
FatalAppExitA
GlobalFree
TlsFree
GetAtomNameW
SetEvent
lstrcmpiW
TlsSetValue
FormatMessageW
GetStartupInfoW
SuspendThread
GetACP
GetVersionExA
FreeEnvironmentStringsA
GetSystemInfo
GetLastError
MulDiv
GetFileAttributesW
DeleteCriticalSection
FileTimeToLocalFileTime
GetShortPathNameW
GetLocaleInfoW
FindFirstFileW
ResetEvent
GetFileTime
GetVersionExW
WaitForSingleObject
SetFileAttributesW
LoadResource
GlobalAlloc
CreateThread
CompareStringW
GlobalSize
GetEnvironmentStringsW
TerminateProcess
SetLastError
VirtualAlloc
GlobalHandle
RaiseException
InterlockedExchange
SetErrorMode
GetUserDefaultLCID
InterlockedIncrement
HeapDestroy
ReadFile
EnumResourceLanguagesW
lstrcmpW
FreeEnvironmentStringsW
FindNextFileW
TlsGetValue
InterlockedDecrement
ResumeThread
VirtualFree
GlobalDeleteAtom

shell32

ShellExecuteW
Shell_NotifyIconW

oleacc

LresultFromObject
CreateStdAccessibleObject

ws2_32

WSASendTo
getnameinfo
WSAEventSelect
WSAAddressToStringW
WSARecvFrom
WSALookupServiceBeginW
WSAGetServiceClassInfoA
WSAAddressToStringA
freeaddrinfo
WSAGetLastError
getaddrinfo
WSALookupServiceEnd
WSALookupServiceNextW
WSASocketW

shlwapi

PathStripToRootW
PathRemoveExtensionW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 463KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

583a56cc26f1ec06b2be17b02d6ae694

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

version

comctl32

gdi32

msvcrt

crypt32

kernel32

shell32

oleacc

ws2_32

shlwapi

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 463KB - Virtual size: 2.1MB

.rsrc Size: 172KB - Virtual size: 172KB

.rdata Size: 111KB - Virtual size: 111KB

.reloc Size: 512B - Virtual size: 24B

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 463KB - Virtual size: 2.1MB

.rsrc
Size: 172KB - Virtual size: 172KB

.rdata
Size: 111KB - Virtual size: 111KB

.reloc
Size: 512B - Virtual size: 24B