3b6118dd948e685971c58c1e07e68f78

Sharing

Copy URL Twitter E-mail

General

Target

3b6118dd948e685971c58c1e07e68f78
Size

242KB
MD5

3b6118dd948e685971c58c1e07e68f78
SHA1

6f2ab49b95a3c6b7869d0f0b5fed4761fdceabcf
SHA256

8426dc15a38d9dda4760d88064bcaffd0a4e7bd013a557bf45eac0ba9983cecc
SHA512

d042af5f8debc4acbd3b18c03ecf36bdc6834672cadcea723062d03779a5e56578acb3acd5c6d5e199aebcd1511aef6f399d68cc440f4429f3f8f488501ffe9e
SSDEEP

6144:Bc7h+7eqDNO4FJnMmdRXnycUliF+X/M+/fqz3qZVsKTlLwRz:wqogndd0m+/7RLwRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6118dd948e685971c58c1e07e68f78

Files

3b6118dd948e685971c58c1e07e68f78
.exe windows:4 windows x86 arch:x86

73afcec9f599bcae9f448cdfc94d6c34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

crypt32

CryptHashPublicKeyInfo

ole32

OleUninitialize
OleSetClipboard
OleFlushClipboard
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
CoTaskMemAlloc
CoRegisterClassObject
CoRegisterMessageFilter
CoRevokeClassObject
OleGetClipboard

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExW
RegDeleteValueA
RegQueryInfoKeyA

msvcrt

_wtoi
free
_mbsrchr
wcslen
_XcptFilter
__setusermatherr
wcscmp
_wcsnicmp
_c_exit
__p__commode
_ismbblead
__dllonexit
__CxxFrameHandler
__p__fmode
__getmainargs
_adjust_fdiv
swscanf
memset
_acmdln
_onexit
_cexit
_CxxThrowException
_exit
exit
malloc
_initterm
??1type_info@@UAE@XZ
_vsnwprintf
_amsg_exit
realloc
_controlfp
__set_app_type
_except_handler3

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

kernel32

DeleteCriticalSection
IsDBCSLeadByte
SetLastError
GetProcessVersion
FreeLibrary
MultiByteToWideChar
VirtualProtect
AddAtomA
SizeofResource
InitializeCriticalSection
GetModuleHandleW
InterlockedIncrement
RaiseException
TerminateProcess
lstrcpynA
GetFileSize
ExitProcess
GetSystemTimeAsFileTime
GetVersionExA
SetEvent
GetProcAddress
LocalFree
GetCurrentThreadId
QueryPerformanceCounter
LoadLibraryExW
lstrlenA
ExitProcess
GetVersion
Sleep
GetThreadLocale
CloseHandle
WaitForSingleObject
GetCommandLineW
CreateThread
LoadLibraryExA
WideCharToMultiByte
FindResourceA
SetErrorMode
SetUnhandledExceptionFilter
OutputDebugStringA
GetCurrentProcess
VirtualAlloc
GetTickCount
UnhandledExceptionFilter
InterlockedExchange
GetLastError
lstrlenW
LoadResource
GetModuleFileNameA
InterlockedDecrement
GetACP
FormatMessageA
LoadLibraryW
GetModuleFileNameW
GetSystemDirectoryW
CreateEventA
GetLocaleInfoA
GetModuleHandleA
GetFileAttributesW
LoadLibraryA
lstrcmpiA
LocalAlloc
GetCurrentProcessId
GetStartupInfoA

user32

LoadAcceleratorsA
TranslateAcceleratorA
IsWindow
GetMessageW
PostThreadMessageA
IsIconic
BeginPaint
EndPaint
SetCursor
PeekMessageA
GetAsyncKeyState
GetMessageA
CharNextA
SetTimer
LoadCursorA
GetParent
GetClassNameA
GetCursorPos
MessageBeep
GetClientRect
SetWindowLongA
OffsetRect
MessageBoxW
LoadIconA
SetWindowPos
UpdateWindow
DestroyWindow
GetActiveWindow
ShowWindow
RegisterWindowMessageA
KillTimer
MessageBoxA
EnumWindowStationsA
SetRect
DispatchMessageA
SystemParametersInfoA
WaitMessage
TranslateMessage
SendMessageA
GetSystemMetrics
FillRect
GetWindowPlacement
GetWindowLongA
GetWindowRect
MoveWindow
DestroyIcon
PostQuitMessage
SetFocus
EnableWindow
GetFocus

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73afcec9f599bcae9f448cdfc94d6c34

Headers

File Characteristics

Imports

crypt32

ole32

advapi32

msvcrt

wintrust

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 13KB - Virtual size: 138KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 13KB - Virtual size: 138KB