003c43b1b0f46be34bc898b244ac360c

Sharing

Copy URL Twitter E-mail

General

Target

003c43b1b0f46be34bc898b244ac360c
Size

192KB
MD5

003c43b1b0f46be34bc898b244ac360c
SHA1

ba1407c0acd89f3d1efc2779ea9963a2834b6598
SHA256

d05b2790507c03fe8d35c8689bb642db95e712090f5cccafb7a536ea96f810ca
SHA512

1fc1b9ee40ec1fc02766475dd11da30c57118de0fc78f76b9332467272457302816b2eee75ae4e31f8e70c1ea3fa68b7112db874a803c17af0d5de90576f456f
SSDEEP

3072:8MLaSfjoT4AUP7CKbdWxmJ+vPl3GUUiUCfQ8sEZzNvM+P13hLT61gcuTocCxnp4O:pST4AK7CKYxmwvP5Gh8Rv61YCxyO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
003c43b1b0f46be34bc898b244ac360c

Files

003c43b1b0f46be34bc898b244ac360c
.exe windows:4 windows x86 arch:x86

61851611a5d66966474364b08719ec13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

advapi32

RegQueryValueExA
GetKernelObjectSecurity
AllocateAndInitializeSid
EqualSid
FreeSid
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
DeleteService
StartServiceW
OpenServiceW
CreateServiceW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
SetSecurityDescriptorDacl
RegSetValueExW
RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
IsValidSid
InitializeSecurityDescriptor
GetTokenInformation
GetLengthSid

user32

EndDialog
DefWindowProcA
DestroyWindow
DialogBoxParamA
BeginPaint
GetClientRect
DrawTextA
EndPaint
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
RegisterWindowMessageA
LoadAcceleratorsA
SetTimer
GetKeyboardType
PeekMessageA
OpenInputDesktop
MsgWaitForMultipleObjects
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
KillTimer
SystemParametersInfoA
GetClassNameA
PostMessageA
FindWindowA
GetAsyncKeyState
GetForegroundWindow
FindWindowExA
GetWindowLongA
GetKeyState
MapVirtualKeyA
keybd_event
wsprintfA
MessageBoxA
ExitWindowsEx
GetUserObjectInformationA
GetThreadDesktop
CloseDesktop
GetMessageA

kernel32

GetStringTypeW
LCMapStringA
LCMapStringW
GetProcessHeap
GetStringTypeA
MultiByteToWideChar
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
IsBadCodePtr
HeapReAlloc
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
CreateEventW
CreateFileW
CreateFileMappingA
CreateFileMappingW
CreateMutexA
CreateMutexW
CreatePipe
CreateProcessA
CreateProcessW
DuplicateHandle
InterlockedExchange
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcessId
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetThreadContext
IsBadReadPtr
IsBadWritePtr
DeleteFileW
GetSystemDirectoryW
GetVersionExW
Sleep
GetLastError
CloseHandle
GetCurrentProcess
LocalFree
FormatMessageA
CreateFileA
ResetEvent
GetTickCount
OutputDebugStringA
DeviceIoControl
WaitForSingleObject
CreateEventA
GetVersionExA
SetThreadPriority
CreateThread
ExitProcess
VirtualFree
WriteFile
GetSystemDirectoryA
VirtualAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
HeapFree
HeapAlloc
FlushFileBuffers
SetPriorityClass
GetCurrentThread
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LocalAlloc
GetVersion
GetCurrentThreadId
WideCharToMultiByte
GetThreadLocale
GetStartupInfoA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
lstrlenW
lstrlenA
lstrcpyW
lstrcpyA
lstrcmpiW
lstrcmpiA
lstrcatW
WriteProcessMemory
WaitForMultipleObjects
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualProtect
UnmapViewOfFile
TerminateThread
TerminateProcess
SetLastError
SetEvent
ResumeThread
ReleaseMutex
ReadProcessMemory
ReadFile
OpenProcess
OpenMutexW
OpenMutexA
OpenFileMappingW
OpenFileMappingA
OpenEventW
OpenEventA
MapViewOfFile
LoadLibraryExA
LoadLibraryW
LoadLibraryA

oleaut32

SysReAllocStringLen
SysFreeString

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61851611a5d66966474364b08719ec13

Headers

File Characteristics

Imports

setupapi

advapi32

user32

kernel32

oleaut32

Sections

.text Size: 36KB - Virtual size: 35KB

CODE Size: 104KB - Virtual size: 102KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 12KB

DATA Size: 4KB - Virtual size: 3KB

BSS Size: 4KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 36KB - Virtual size: 35KB

CODE
Size: 104KB - Virtual size: 102KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 12KB

DATA
Size: 4KB - Virtual size: 3KB

BSS
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 22KB