3a60e0d45bde0243ee496c541d721406

Sharing

Copy URL Twitter E-mail

General

Target

3a60e0d45bde0243ee496c541d721406
Size

12.7MB
MD5

3a60e0d45bde0243ee496c541d721406
SHA1

05f3ba2e68ab01bb7fb6457fb242056811b340a7
SHA256

4a40d2087bb63c08708cd09e09e8c2adf072aeecdf0cfa8acaeec215aa911636
SHA512

6a11e91ca2de5a156a11f67f2810e6c24c4e373a5c88130629d53e252733eae6716a4876551c2b0741daafcc2d4cc21c1a29a6f51314f40c359f07d141a360e1
SSDEEP

196608:wbEsQhgZLLNKfmCqyO2ks2ELRq/S/MOUypOVLZ8fdtZBOILKre0DVmh7yc/mhCA8:wbEsQhnOCq7wLECYuf1AMMUhcD8dMYV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a60e0d45bde0243ee496c541d721406

Files

3a60e0d45bde0243ee496c541d721406
.exe windows:4 windows x86 arch:x86

a61626fd06ddccd88fcdcd7ca7739059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
GetDriveTypeA
GetTempPathA
LocalLock
LocalUnlock
lstrlenA
RemoveDirectoryA
DeleteFileA
Sleep
GlobalAlloc
GetFileAttributesA
GlobalFree
GlobalLock
GlobalUnlock
LockResource
FindResourceA
LoadResource
CreateFileA
FreeResource
GetLastError
lstrcpyA
CloseHandle
lstrcatA
GetModuleFileNameA
GetVersionExA
lstrcmpA
SetPriorityClass
RaiseException
GetCurrentProcess
GetTimeZoneInformation
GetLocaleInfoW
GetStringTypeA
GetOEMCP
GetStringTypeW
IsBadCodePtr
IsBadReadPtr
GetACP
SetStdHandle
EnumSystemLocalesA
SetUnhandledExceptionFilter
IsValidLocale
GetCPInfo
IsValidCodePage
LCMapStringA
IsBadWritePtr
LCMapStringW
VirtualFree
HeapCreate
VirtualAlloc
GetStdHandle
SetHandleCount
HeapDestroy
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
ResumeThread
FreeEnvironmentStringsA
HeapSize
TerminateProcess
HeapReAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
TlsGetValue
TlsSetValue
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetWindowsDirectoryA
GetSystemDirectoryA
GetUserDefaultLCID
GetLocaleInfoA
GetShortPathNameA
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcpynA
IsDBCSLeadByte
SetLastError
SizeofResource
FormatMessageA
GetExitCodeProcess
GetTempFileNameA
FindClose
GetFullPathNameA
GetModuleHandleA
MultiByteToWideChar
VirtualProtect
CreateProcessA
WaitForSingleObject
CreateEventA
SetEvent
FindFirstChangeNotificationA
FindCloseChangeNotification
FreeLibrary
FindNextChangeNotification
ReleaseMutex
GetCurrentThreadId
CreateMutexA
HeapFree
HeapAlloc
FreeEnvironmentStringsW
GetCurrentThread
SetThreadPriority
GetEnvironmentVariableA
FlushFileBuffers
WritePrivateProfileStringA
CreateThread
GlobalMemoryStatus
GetSystemInfo
SetErrorMode
GetPrivateProfileStringA
QueryPerformanceCounter
GetThreadPriority
GetPriorityClass
QueryPerformanceFrequency
DeviceIoControl
CreateDirectoryA
WriteFile
ReadFile
SetFileTime
GetFileTime
SetFilePointer
GetFileSize
GetFileType
MoveFileExA
SetEndOfFile
GetCurrentDirectoryA
UnhandledExceptionFilter
GetDiskFreeSpaceA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
SetFileAttributesA
GetExitCodeThread
GetTickCount
ExitThread
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess

user32

ShowWindow
GetDlgItem
InvalidateRect
EnableWindow
CreateDialogParamA
DestroyWindow
UnregisterClassA
SetWindowTextA
SendDlgItemMessageA
GetMessageA
DispatchMessageA
TranslateMessage
GetSystemMetrics
SetFocus
CreateWindowExA
FindWindowA
ReleaseDC
GetDC
LoadIconA
LoadStringA
GetSysColorBrush
PostQuitMessage
RedrawWindow
GetUpdateRect
CopyRect
DialogBoxParamA
EndDialog
FillRect
GetDlgItemTextA
PeekMessageA
FindWindowExA
MsgWaitForMultipleObjects
RegisterClassA
LoadCursorA
SetDlgItemTextA
SendMessageA
MessageBoxA
SetForegroundWindow
EnumWindows
IsWindow
UpdateWindow
CharPrevA
CharNextA
wvsprintfA
SetWindowPos
GetKeyboardType
WaitForInputIdle
GetDesktopWindow
CharUpperA
PostMessageA
CharToOemA
ExitWindowsEx
DefWindowProcA
GetClientRect
GetParent
EnumDisplaySettingsA
SetCursor
BeginPaint
FrameRect
InflateRect
GetWindowWord
wsprintfA
EndPaint
SetWindowWord

gdi32

ExtTextOutA
GetStockObject
SelectObject
GetTextExtentPoint32A
DeleteDC
DeleteObject
GetDeviceCaps
RealizePalette
SelectPalette
BitBlt
GetObjectA
TextOutA
CreateCompatibleDC
SetBkMode
GetBkMode
GetTextColor
CreateDIBitmap
CreatePalette
SetTextAlign
SetBkColor
SetTextColor
GetSystemPaletteEntries
AddFontResourceA

shell32

SHChangeNotify
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA

version

GetFileVersionInfoSizeA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoA

winmm

timeGetTime
joyGetNumDevs
waveOutGetDevCapsA
waveOutGetNumDevs

advapi32

AdjustTokenPrivileges
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA

ole32

OleInitialize
CoUninitialize
CoCreateInstance
CoInitialize
OleUninitialize

Exports

Exports

?MasterCallback@@YG?AW4EBURETCODE@@PAX@Z
_CPPDlgProc@16

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46.6MB - Virtual size: 46.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a61626fd06ddccd88fcdcd7ca7739059

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

version

winmm

advapi32

ole32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 28KB - Virtual size: 53KB

.rsrc Size: 46.6MB - Virtual size: 46.6MB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 28KB - Virtual size: 53KB

.rsrc
Size: 46.6MB - Virtual size: 46.6MB