3c0590171b9575f9e2ad70dd726c1f45

Sharing

Copy URL Twitter E-mail

General

Target

3c0590171b9575f9e2ad70dd726c1f45
Size

183KB
MD5

3c0590171b9575f9e2ad70dd726c1f45
SHA1

c973518663b657473ebf3933506ca93aed0b59b4
SHA256

bb14c410c1269d31a1dc9ef0a3477562f7801ad53501af40476d241fd72670c8
SHA512

050a77139ddc7c3e2eda5cd9bb5471f519fafa6a212268a0b366b00dbd2108863088ca3c27168ab2ab7a55da57549c96ad58d16d56419c39a8883f0c9e402361
SSDEEP

3072:hlVFIRjNrJjZBFHqm/wiQ5joVWKStbrof+7muhxsAwPCPlVjS03z4pOy:hCLV8e25kVH2bkioq3jS03E8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c0590171b9575f9e2ad70dd726c1f45

Files

3c0590171b9575f9e2ad70dd726c1f45
.exe windows:4 windows x86 arch:x86

79cd4a9d74b55df8e46dd587a4094e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
RegCreateKeyA

version

VerInstallFileA
VerQueryValueA

shlwapi

SHEnumValueA
SHDeleteKeyA
SHQueryInfoKeyA
PathIsContentTypeA
PathFileExistsA
SHDeleteValueA
SHDeleteKeyA
PathIsContentTypeA
SHDeleteValueA
PathGetCharTypeA
SHQueryValueExA
SHSetValueA
SHStrDupA
SHGetValueA
PathIsDirectoryA
SHQueryInfoKeyA
SHDeleteKeyA
PathIsContentTypeA
SHDeleteValueA
SHQueryValueExA
PathIsDirectoryA
SHGetValueA
SHEnumValueA
PathGetCharTypeA
PathFileExistsA

user32

GetIconInfo
GetKeyNameTextA
GetKeyState

msvcrt

sin
memcpy
fabs
memcmp
log10
wcstol
sqrt
atan

kernel32

VirtualAlloc
GetProcAddress
ExitProcess
ExitThread
lstrlenA
LoadLibraryA
GetModuleHandleA
GetVersionExA
IsBadReadPtr
ReadFile
GlobalAlloc
GetLastError
LocalAlloc
GetACP
SetEndOfFile
GetCommandLineW
ResetEvent

ole32

CoRevokeClassObject
CoUninitialize
CoDisconnectObject
CreateStreamOnHGlobal
CoGetObjectContext
StgOpenStorage
CoGetContextToken
CoCreateInstanceEx
CoUnmarshalInterface
CoGetMalloc

comctl32

ImageList_Add
ImageList_Read

gdi32

CopyEnhMetaFileA
SelectObject
CreateCompatibleBitmap
SelectPalette
CreateDIBitmap
GetObjectA
RestoreDC
CreatePenIndirect

comdlg32

FindTextA
GetFileTitleA

shell32

SHGetSpecialFolderLocation
SHGetDiskFreeSpaceA

oleaut32

SysAllocStringLen
GetErrorInfo
SafeArrayGetUBound
SafeArrayUnaccessData
SysReAllocStringLen

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 512B - Virtual size: 369B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79cd4a9d74b55df8e46dd587a4094e2f

Headers

File Characteristics

Imports

advapi32

version

shlwapi

user32

msvcrt

kernel32

ole32

comctl32

gdi32

comdlg32

shell32

oleaut32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 1024B - Virtual size: 60KB

.data Size: 9KB - Virtual size: 9KB

.ddata Size: 512B - Virtual size: 369B

.bdata Size: 121KB - Virtual size: 120KB

.gdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 996B

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 1024B - Virtual size: 60KB

.data
Size: 9KB - Virtual size: 9KB

.ddata
Size: 512B - Virtual size: 369B

.bdata
Size: 121KB - Virtual size: 120KB

.gdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 996B