InitDll
Static task
static1
Behavioral task
behavioral1
Sample
3b18f97ec344df58e02b5530c5845f4b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3b18f97ec344df58e02b5530c5845f4b.exe
Resource
win10v2004-20231215-en
General
Target
3b18f97ec344df58e02b5530c5845f4b
Size
628KB
MD5
3b18f97ec344df58e02b5530c5845f4b
SHA1
23ddd1d6bf1a1a23592431fd844551ba73be57e6
SHA256
9aa011debf4751269c6ef35caa93f58021f2b9417ca6bc9c5d8c9b2f06a2d712
SHA512
d8dbf43a2ef0e0353253bc06f243af03fae6dc0c79490ccb65900d7c36eb61a7ee80db52af85e72b27f6be936953b131046b1b0c7b8fdadab2f2545c2a0c9a60
SSDEEP
12288:gi7gbF5SCrjus4SHfUwUZx1Btm6FsA+bkcC7K3PaGO:oLSCfushRUZxaIW3PaGO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3b18f97ec344df58e02b5530c5845f4b
Files
3b18f97ec344df58e02b5530c5845f4b.exe windows:4 windows x86 arch:x86
8512a3dccd52573844bfd4c79c64e242
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
msvcrt
__CxxFrameHandler
sscanf
strstr
_ftol
sprintf
qsort
atoi
_beginthreadex
_endthreadex
_purecall
memmove
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
fclose
free
malloc
rand
srand
time
_itoa
_setmbcp
kernel32
ReadFile
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
LockResource
LoadResource
SizeofResource
FindResourceA
GetLastError
CreateFileMappingA
VirtualFree
PeekNamedPipe
GetStartupInfoA
GetNamedPipeInfo
GetModuleHandleA
WaitForSingleObject
CloseHandle
Sleep
GetCommandLineA
WriteFile
user32
GetWindowLongA
GetSystemMetrics
InflateRect
FillRect
SystemParametersInfoA
LoadIconA
SetWindowRgn
GetWindowRgn
SendMessageTimeoutA
PostMessageA
TranslateMessage
DispatchMessageA
CopyRect
DrawTextA
KillTimer
CreateIconIndirect
RedrawWindow
SetTimer
InvalidateRect
SetRect
GetWindowRect
GetCursorPos
ScreenToClient
PtInRect
OffsetRect
SetRectEmpty
SubtractRect
SetCursor
GetDC
ReleaseDC
PeekMessageA
MessageBoxA
UpdateWindow
EnableWindow
EndPaint
PostThreadMessageA
GetClientRect
GetWindow
GetSysColor
IsWindow
SendMessageA
IsWindowVisible
gdi32
RoundRect
SetBkColor
ExtTextOutA
MoveToEx
LineTo
SelectClipRgn
CreatePen
SelectObject
CreateRectRgn
OffsetRgn
CombineRgn
CreateFontA
CreatePatternBrush
CreateBitmap
DeleteObject
CreateSolidBrush
CreateDIBitmap
SetBrushOrgEx
StretchDIBits
SetStretchBltMode
CreateDIBSection
DeleteDC
CreateCompatibleDC
GetObjectA
SetDIBitsToDevice
CreateCompatibleBitmap
BitBlt
SetBkMode
Ellipse
TextOutA
GetCurrentObject
SetTextColor
SetWindowOrgEx
DPtoLP
SetMapMode
GetMapMode
LPtoDP
GetClipBox
GetStockObject
shell32
ShellExecuteA
comctl32
ImageList_AddMasked
_TrackMouseEvent
winmm
timeGetTime
waveOutReset
waveOutUnprepareHeader
waveOutClose
PlaySoundA
ws2_32
WSAIsBlocking
WSACancelBlockingCall
WSACleanup
shutdown
closesocket
Exports
Sections
.text Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 4.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 372KB - Virtual size: 371KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ