3891a263bc8a128f98d4588114d00c7b

Sharing

Copy URL Twitter E-mail

General

Target

3891a263bc8a128f98d4588114d00c7b
Size

78KB
MD5

3891a263bc8a128f98d4588114d00c7b
SHA1

7fc6da7d36fc711b36433ab13e4b570aa49ac670
SHA256

d5799230b728bac6e65550b1c6678e04513db320e5e49d53c6938a1466c0f87f
SHA512

5c7f6896fa0e5e76c1671c6fd8715d7246ae68d293c18a0a1be12986fd6b7613ee411f7d7c6e79a2705bdc32ddc222f5b39bebb757f6b295b38b706e8bcaec6d
SSDEEP

1536:64TfQ6GGIbdTrVONpFCbFv7z3fPVoUqm1KQNcYGOn5fzcvf:LI6JIreFiFjzaUqmbj357a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3891a263bc8a128f98d4588114d00c7b

Files

3891a263bc8a128f98d4588114d00c7b
.exe windows:4 windows x86 arch:x86

36b532d501f27a66d39422e945ae2341

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceA
CloseHandle
CreatePipe
DeleteTimerQueueTimer
EnumUILanguagesA
ExitProcess
FindFirstFileW
FormatMessageW
GetCommState
GetCommandLineA
GetCurrencyFormatA
GetDateFormatA
GetDriveTypeW
GetEnvironmentStringsA
GetExitCodeProcess
GetLogicalDrives
GetModuleHandleA
GetShortPathNameW
GetStartupInfoA
GetVersionExA
HeapAlloc
HeapCreate
HeapUnlock
HeapWalk
LocalFileTimeToFileTime
SetSystemTimeAdjustment
SetThreadLocale
WaitForMultipleObjectsEx
lstrcmpiA

user32

ReleaseCapture
RegisterClassExA
RegisterClassA
PeekMessageA
LoadAcceleratorsA
KillTimer
ScrollWindowEx
InvalidateRgn
IntersectRect
GetSystemMetrics
GetDlgCtrlID
GetDC
GetClassLongA
GetCapture
SetTimer
SystemParametersInfoA
IsDialogMessageA
ExitWindowsEx
EnumChildWindows
EnableMenuItem
DrawMenuBar
DrawEdge
DestroyWindow
DestroyIcon
CheckRadioButton
BeginDeferWindowPos
MessageBoxA

advapi32

CryptEncrypt
CopySid
ConvertSecurityDescriptorToAccessW
CryptGetDefaultProviderW
CloseTrace
AccessCheckByTypeResultListAndAuditAlarmW
AccessCheckByTypeAndAuditAlarmW
AccessCheckAndAuditAlarmW
CryptSignHashW
SetSecurityDescriptorRMControl
SetSecurityDescriptorGroup
SetEntriesInAclA
ReportEventA
RegisterTraceGuidsW
RegReplaceKeyA
RegOpenCurrentUser
RegEnumValueA
OpenSCManagerA
DuplicateEncryptionInfoFile
LsaDeleteTrustedDomain
LookupPrivilegeDisplayNameW
GetTrusteeFormW
GetNamedSecurityInfoExA
FileEncryptionStatusA
ElfCloseEventLog

olepro32

OleCreatePropertyFrame
OleCreateFontIndirect
OleTranslateColor

oleacc

ObjectFromLresult
AccessibleChildren
CreateStdAccessibleProxyA
CreateStdAccessibleProxyW
GetOleaccVersionInfo

oledlg

OleUICanConvertOrActivateAs
OleUIEditLinksA
OleUIBusyW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36b532d501f27a66d39422e945ae2341

Headers

File Characteristics

Imports

kernel32

user32

advapi32

olepro32

oleacc

oledlg

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 27KB - Virtual size: 28KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB