3b6531fbbdf783ee0fa12deeb5b36bc9

General

Target

3b6531fbbdf783ee0fa12deeb5b36bc9
Size

197KB
MD5

3b6531fbbdf783ee0fa12deeb5b36bc9
SHA1

eabf357790543f49a84f6047d4734573e3f2b3dc
SHA256

e4dfbd1e83fa524b972f3d89b020b3dfec429cba53649e96deb6303ec7aed883
SHA512

57da3b6f3aab8dc5daeb5d5e159d12d6a29cb6f3e134480459453224386ca8002a7724fb8184720884a7d112a128338c95234b71a2eab2e34c33e3b1c90983d3
SSDEEP

3072:8SMgm67GU+5mNR1+E2tmVprtnzc2jREcUrgpTcEZW/q4evRlOEAh3:8SMgm8j+o1vtzjREvrgpFZWC4AxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6531fbbdf783ee0fa12deeb5b36bc9

Files

3b6531fbbdf783ee0fa12deeb5b36bc9
.exe windows:4 windows x86 arch:x86

e74b640df3a704a0dccbd436b75503f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

advapi32

RegEnumKeyExA
CryptDestroyKey
RegSetValueExA
GetUserNameA
CryptDestroyHash
CryptGetHashParam
RegEnumValueA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
CryptHashData
CryptCreateHash
CryptImportKey
RegCreateKeyExA
CryptEncrypt
CryptReleaseContext
RegCloseKey

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

DestroyWindow
RealGetWindowClassA
PeekMessageA
RegisterWindowMessageA
wsprintfA
GetDC
DispatchMessageA
ShowWindow
ReleaseDC
PostThreadMessageA
GetQueueStatus
GetDesktopWindow
CreateDialogParamA
MsgWaitForMultipleObjects
wvsprintfA

kernel32

GetTickCount
CreateFiberEx
GetLastError
CancelIo
IsBadReadPtr
GetCurrentThread
EnumResourceNamesW
GetCurrentThreadId
GetThreadPriority
GetACP
SetThreadPriority
GetSystemTime
FlushFileBuffers
VirtualFree
WaitForMultipleObjects
CreateSemaphoreA

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e74b640df3a704a0dccbd436b75503f9

Headers

File Characteristics

Imports

wininet

advapi32

setupapi

user32

kernel32

winmm

Sections

.text Size: 171KB - Virtual size: 170KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 356KB

.text
Size: 171KB - Virtual size: 170KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 356KB