3cd2d576167b3121c8327d34aad4a934

Sharing

Copy URL Twitter E-mail

General

Target

3cd2d576167b3121c8327d34aad4a934
Size

88KB
MD5

3cd2d576167b3121c8327d34aad4a934
SHA1

61dddb89b606d34dcd365b8866fbacbe3d5a7f89
SHA256

427f3c4ddcf7135c8a7c4df7a242aacceb335bfedc53482f4b784e2594707747
SHA512

7d1770600978cd1ad970010d6ec2cbdb96fb75df0b1d8f8cb48ed67e50eda9b46ceb13ab7ac12d5fa00ae15d4f38f5189da038005e71f2ef88aa0ea3d8d9b62f
SSDEEP

1536:fVM5fMOs2Mj736uXPjiB1Evw4ZDRZWHcBRa8fZHGtpq54gjiRgDTCaU5c/0FKLih:fVM5fMOs2MjTXPzk0ZOS4gjcYn0FbbY8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cd2d576167b3121c8327d34aad4a934

Files

3cd2d576167b3121c8327d34aad4a934
.exe windows:5 windows x86 arch:x86

957f61a1566869554ebd299961453298

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DestroyPropertySheetPage
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_Destroy
ImageList_GetIcon
CreatePropertySheetPageW
InitCommonControlsEx
PropertySheetW

ole32

CoCreateInstance
OleInitialize
OleGetClipboard
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleSetClipboard
CoGetCallContext
ReleaseStgMedium

gdi32

RealizePalette
BitBlt
SelectObject
CreatePalette
DeleteObject
SelectPalette
DeleteDC
GetDeviceCaps
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleDC
GetStockObject
GetObjectW

msvcrt

wcsncmp
_except_handler3
_itow
malloc
wcsncpy
wcschr
wcstombs
wcsstr
wcslen
_initterm
free
_purecall
wcscmp
_wcsicmp
_vsnwprintf
wcspbrk
mbstowcs
_adjust_fdiv
wcsspn
_wcsnicmp
iswctype
memmove
rand
setlocale
wcsrchr
wcstoul

winmm

auxOutMessage

user32

GetClientRect
GetSystemMetrics
ShowWindow
TrackPopupMenu
GetWindowThreadProcessId
DefWindowProcW
GetClassNameW
SetMenuDefaultItem
LoadCursorW
GetWindowLongW
LoadStringW
SetFocus
EndDialog
GetWindow
InvalidateRect
GetMenuItemInfoW
ReleaseDC
IsWindow
GetMenuItemCount
SetForegroundWindow
GetSubMenu
GetDlgItem
GetDlgItemInt
LoadImageW
KillTimer
DestroyIcon
GetForegroundWindow
SetTimer
SystemParametersInfoW
MessageBeep
WinHelpW
EnumWindows
SetCursor
GetMenuItemID
SendMessageW
RegisterClipboardFormatW
GetWindowRect
SendDlgItemMessageW
CheckRadioButton
SetMenuItemInfoW
GetParent
SetWindowLongW
DialogBoxParamW
GetWindowTextW
EnableWindow
SwitchToThisWindow
RegisterClassW
SetDlgItemTextW
GetDC
CreateWindowExW
ValidateRect
MessageBoxW
CheckMenuItem
IsDlgButtonChecked
FindWindowW
RemoveMenu
EnableMenuItem
GetDlgItemTextW
SetWindowPos
DestroyWindow
EnumChildWindows
MapWindowPoints
LoadMenuW
RegisterWindowMessageW
CheckDlgButton
GetKeyState
SetWindowTextW
GetClassInfoW
GetLastActivePopup
GetWindowTextLengthW
DestroyMenu
PostMessageW

advapi32

RegEnumKeyExW
SetSecurityInfo
LookupPrivilegeValueW
GetTokenInformation
CheckTokenMembership
OpenSCManagerW
RevertToSelf
RegDeleteKeyW
AdjustTokenPrivileges
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegConnectRegistryW
CloseServiceHandle
GetUserNameW
OpenThreadToken
SetEntriesInAclW
ImpersonateSelf
ControlService
StartServiceW
AllocateAndInitializeSid
RegQueryValueExW
SetSecurityDescriptorOwner
AccessCheck
GetSecurityInfo
GetFileSecurityW
RegSetValueExW
QueryServiceStatus
FreeSid
RegOpenKeyExW
OpenServiceW
LookupAccountSidW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW

ntdsapi

DsMakeSpnW

shell32

SHChangeNotify
SHGetFolderPathW
SHGetPathFromIDListW
SHFileOperationW
DragQueryFileW
ShellExecuteW
SHExtractIconsW

userenv

UnloadUserProfile

comdlg32

CommDlgExtendedError
GetOpenFileNameW

kernel32

InitializeCriticalSection
GetCurrentThreadId
FileTimeToSystemTime
SetErrorMode
LoadLibraryW
GlobalFree
GlobalAlloc
SetEndOfFile
UnmapViewOfFile
QueryPerformanceCounter
MulDiv
ActivateActCtx
CancelWaitableTimer
SetCurrentDirectoryW
CreateFileW
GetVersionExW
CreateFileMappingW
GlobalLock
DeleteCriticalSection
InterlockedDecrement
OpenProcess
lstrlenW
SearchPathW
IsBadStringPtrW
IsBadWritePtr
WideCharToMultiByte
CreateWaitableTimerW
ReleaseActCtx
CompareFileTime
SetFileTime
CompareStringW
CreateDirectoryW
ExitThread
ExpandEnvironmentStringsW
GetLastError
GetCurrentThread
WriteFile
LockResource
GetProcAddress
GetSystemTimeAsFileTime
GetTimeFormatW
UnhandledExceptionFilter
GetDateFormatW
DeleteFileW
LocalFree
FreeLibrary
InterlockedIncrement
CreateThread
GetUserDefaultUILanguage
GetSystemTime
EnterCriticalSection
GetFullPathNameW
Sleep
TerminateProcess
GetCurrentProcessId
FindResourceW
DeactivateActCtx
SetFileAttributesW
GetComputerNameW
GetFileType
GetVolumeInformationW
GetCurrentDirectoryW
SetUnhandledExceptionFilter
LocalReAlloc
MapViewOfFile
LoadResource
FormatMessageW
GlobalUnlock
FindNextFileW
GetFileSize
SystemTimeToFileTime
GetTickCount
DuplicateHandle
lstrcmpiW
SetWaitableTimer
GetFileAttributesW
GetLocalTime
GetCurrentActCtx
FindClose
LeaveCriticalSection
SetFilePointer
GlobalReAlloc
lstrcmpA
FindFirstFileW
GetCurrentProcess
GetEnvironmentVariableW
lstrcpynW
GetDriveTypeW
GetFileTime
GetComputerNameExW
VirtualAlloc
CloseHandle
LocalAlloc
lstrcmpW
GetUserDefaultLCID
GetLocaleInfoW
ReadFile

lz32

LZClose

mpr

WNetGetConnectionW
WNetGetResourceInformationW
WNetGetNetworkInformationW

secur32

GetUserNameExW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

rpcrt4

RpcBindingFromStringBindingW
UuidCreate
RpcEpResolveBinding
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcStringFreeW
NdrClientCall2
RpcStringBindingComposeW

Sections

.textbss
Size: 77KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

957f61a1566869554ebd299961453298

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

ole32

gdi32

msvcrt

winmm

user32

advapi32

shlwapi

ntdsapi

shell32

userenv

comdlg32

kernel32

lz32

mpr

secur32

version

rpcrt4

Sections

.textbss Size: 77KB - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 420B

.idata Size: 8KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 28KB

.textbss
Size: 77KB - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 8KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 28KB