3d592eb595f719c5c648ed7212ae2bc7

Sharing

Copy URL

Twitter E-mail

General

Target

3d592eb595f719c5c648ed7212ae2bc7
Size

257KB
MD5

3d592eb595f719c5c648ed7212ae2bc7
SHA1

03bc0359b55ad219aa5c4e009dad4ef5f55344b2
SHA256

0e7a84d76e3adbc031d35316f54bfdd7f7beaf2574bc4b798f907634175d0b96
SHA512

be81f198af9430ebe91f165b125942d08c824aef6dcd5d270e00b5bd0e8a85ce4d23ebac9d74dd6485ebc29038c8f4a0e294029abd76963e76d44597e77c69be
SSDEEP

6144:7MwnIkJtDc1zT6PHfPvSdWbldD+MKeKTBvLaWePK:LTcUX3SmnvKTJLoPK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d592eb595f719c5c648ed7212ae2bc7

Files

3d592eb595f719c5c648ed7212ae2bc7
.exe windows:4 windows x86 arch:x86

0348c1047c2d3e79af030a87ffad9fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW
InternalExtractIconListA
SHLoadInProc
ShellAboutW
DragQueryFile

advapi32

InitiateSystemShutdownW
CryptImportKey
CryptDestroyKey
CryptGetKeyParam
CryptEnumProvidersW
RegRestoreKeyA
AbortSystemShutdownA
RegNotifyChangeKeyValue
RegDeleteValueW
CryptSetProviderExW
RegEnumKeyW
CryptEncrypt
CryptAcquireContextW
DuplicateTokenEx
LookupAccountSidA
RegDeleteValueA

comdlg32

GetFileTitleA

kernel32

FreeLibraryAndExitThread
IsValidCodePage
GetCurrentThread
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetLastError
CompareStringW
HeapReAlloc
GetCurrentProcessId
GetCPInfo
GetLocaleInfoA
EnumSystemLocalesA
GetConsoleCP
InitializeCriticalSection
ExitProcess
VirtualQuery
WriteFile
SetLastError
IsBadReadPtr
SetHandleCount
TerminateProcess
MultiByteToWideChar
GetTimeZoneInformation
GetDriveTypeW
GetACP
CompareStringA
GetEnvironmentStrings
SetEnvironmentVariableA
QueryPerformanceCounter
GetStartupInfoA
GetProfileSectionW
HeapAlloc
GetCommandLineA
IsValidLocale
OpenMutexW
GetStdHandle
EnterCriticalSection
GetModuleFileNameA
GetStringTypeA
GetLocaleInfoW
GetOEMCP
GetFileType
VirtualAlloc
HeapSize
ReadConsoleInputA
IsBadWritePtr
WideCharToMultiByte
GetCurrentThreadId
GetModuleHandleA
GetEnvironmentStringsW
LeaveCriticalSection
TlsAlloc
GetVersionExA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
HeapFree
TlsFree
DeleteCriticalSection
GetTickCount
TlsGetValue
RtlUnwind
HeapDestroy
VirtualFree
GetSystemInfo
GetUserDefaultLCID
GetSystemTimeAsFileTime
InterlockedExchange
TlsSetValue
VirtualProtect
LoadLibraryA
HeapCreate
LCMapStringW
FreeEnvironmentStringsA
GetProcAddress
LCMapStringA
GetCurrentProcess
WaitForSingleObject

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0348c1047c2d3e79af030a87ffad9fa1

Headers

File Characteristics

Imports

shell32

advapi32

comdlg32

kernel32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 7KB - Virtual size: 22KB

.data Size: 135KB - Virtual size: 135KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 7KB - Virtual size: 22KB

.data
Size: 135KB - Virtual size: 135KB

.rsrc
Size: 12KB - Virtual size: 11KB