3c81911030b464816296bec3197f16b9

General

Target

3c81911030b464816296bec3197f16b9
Size

199KB
MD5

3c81911030b464816296bec3197f16b9
SHA1

c18a86a4da00b9911928dc1d2dd5768aa38ffbd2
SHA256

71fb0441ab4d79ab4d6f9b21d44b336144db2ee230e74ad56f8b1199171738e8
SHA512

d9dc3a1363fb27d4c6ccdea85d3486c4dfd656a26bdb32a5a0d958228e2b69c7bf3980bdb974cb9184fab3a4db66ed087e0cc4218749e26e35ab969f493fd387
SSDEEP

3072:pmXJqamPUWnxDTVCMhIN7YPmK0qeHB5G35/KBpsnkgzmNEgDSUHet40/YhkY8IFY:pmoLPUwrzsUnLYeKBpuS5O5/YhfZFNO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c81911030b464816296bec3197f16b9

Files

3c81911030b464816296bec3197f16b9
.dll windows:4 windows x86 arch:x86

df031414067388631893c33ca2ab9ee4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
ExitProcess
FileTimeToLocalFileTime
FreeLibrary
GetACP
GetCommandLineA
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetPriorityClass
GetStartupInfoA
GetStdHandle
GetVersion
HeapAlloc
HeapCreate
HeapReAlloc
InitializeCriticalSection
LoadLibraryA
MultiByteToWideChar
ResumeThread
RtlUnwind
SetEndOfFile
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
lstrcpynA

user32

SetMenuItemInfoA
GetWindowPlacement
GetKeyState
EndDeferWindowPos
DialogBoxIndirectParamA

ole32

CoTaskMemFree
CoFileTimeNow
CLSIDFromString
CoCreateInstance
CreateAntiMoniker

advapi32

RevertToSelf
ObjectCloseAuditAlarmA

opengl32

glScissor
glTexCoord2sv
glTexGend
glIndexPointer
glColor3b

Exports

Exports

EnumWBSettingReset
GetExtendedDeviceInfo

Sections

.text
Size: 133KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df031414067388631893c33ca2ab9ee4

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

opengl32

Exports

Exports

Sections

.text Size: 133KB - Virtual size: 212KB

.data Size: 60KB - Virtual size: 64KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 133KB - Virtual size: 212KB

.data
Size: 60KB - Virtual size: 64KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB