03b32c196b3f5c7fe72216af08f22a3b

Sharing

Copy URL

Twitter E-mail

General

Target

03b32c196b3f5c7fe72216af08f22a3b
Size

84KB
MD5

03b32c196b3f5c7fe72216af08f22a3b
SHA1

c39f2faba6ae26bdace0170f36ec2ee9177a365f
SHA256

59058a14dd61c229eaa739d1967323cf910f4bd31b187cc044a7bf72e2a8169b
SHA512

78ff3402069dd149ceb38fb8d1eed85fbeb5c151ebd3654ae3e8737968e6a9aa583884546fcc5e59c8b7ad9e1ac0057c854228995628a85ac93f4b5f701bad5c
SSDEEP

1536:vag6/8rJr5i+KEp4LFCn636iUNuYrDUly1RNwrP0LQlyuc:56gr58TQDUlcgP0LQlyuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03b32c196b3f5c7fe72216af08f22a3b

Files

03b32c196b3f5c7fe72216af08f22a3b
.exe windows:4 windows x86 arch:x86

4586d29204fb577c0016020b622086fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetLastError
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleA
lstrlenW
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
GetLocalTime
LoadLibraryA
GetProcAddress
SearchPathA
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LocalFree
CreateProcessA
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpyA
CreateThread
lstrlenA
DeleteFileA
WaitForSingleObject
WriteFile
CloseHandle
CreateFileA
DeleteCriticalSection
RaiseException
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
InitializeCriticalSection
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapFree
RtlUnwind
ExitProcess
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
ReadFile
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
GetCPInfo

user32

FindWindowA
DefWindowProcA
CharNextA
DestroyWindow

advapi32

StartServiceA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysFreeString

comctl32

InitCommonControlsEx

wininet

InternetCrackUrlA
InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetGetConnectedState
InternetOpenA

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4586d29204fb577c0016020b622086fb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 7KB