3885e4950a31bab783892540ac59034c

Sharing

Copy URL Twitter E-mail

General

Target

3885e4950a31bab783892540ac59034c
Size

241KB
MD5

3885e4950a31bab783892540ac59034c
SHA1

90b3cd677e670be9bce3f2befd23be2239e423b6
SHA256

89969c9e1614429de1739082c4f12e1ecc33e0cfecace3749adffeb424ca7946
SHA512

ea7df5094edfa79654daac3eedb034365d7b267b43223631b79269a5a4fb4a15fd4278cb1bd42e491970067285ec08caa06fdd5658e3ad7f5ce07a11a36a8d3b
SSDEEP

6144:iCtiR9XBj1F9gui2m3BbxAqVYrtLomvsH1oymRHxsG8HyA+JCeR/WtYjw:oRzjauhxRU1iRsG8HyjCcuY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3885e4950a31bab783892540ac59034c

Files

3885e4950a31bab783892540ac59034c
.exe windows:4 windows x86 arch:x86

8dbcfd62b9a3a42c323f6d589a17e759

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetStartupInfoW
WideCharToMultiByte
IsValidCodePage
GetProcAddress
GetStringTypeW
HeapReAlloc
LCMapStringA
VirtualLock
GetEnvironmentStringsW
GetCurrentProcessId
LeaveCriticalSection
WriteProfileStringW
DeleteCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
GetTimeFormatA
FormatMessageW
SetConsoleCtrlHandler
Sleep
WriteFile
SetHandleCount
GetEnvironmentVariableW
GetModuleFileNameW
GetUserDefaultLCID
EnumSystemLocalesW
GetCommandLineW
HeapLock
VirtualFree
ExitProcess
GetTickCount
AllocConsole
LCMapStringW
HeapFree
GetPrivateProfileSectionNamesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetDiskFreeSpaceExW
VirtualAlloc
LocalAlloc
ExitThread
SetLastError
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
TlsGetValue
GetExitCodeThread
EnterCriticalSection
GetACP
InterlockedDecrement
SetEnvironmentVariableA
GetStdHandle
ResetEvent
GetSystemTimeAsFileTime
CompareStringA
EnumCalendarInfoA
EnumTimeFormatsW
CompareStringW
EnumSystemLocalesA
GetDriveTypeA
IsDebuggerPresent
HeapCreate
TlsFree
GetCommandLineA
FreeLibrary
InterlockedIncrement
TlsSetValue
GetStartupInfoA
IsValidLocale
GetCPInfo
VirtualAllocEx
InterlockedExchange
GetFileType
TlsAlloc
GlobalAlloc
HeapDestroy
SetThreadContext
GetFullPathNameW
GetTimeZoneInformation
GetOEMCP
HeapAlloc
InitializeCriticalSectionAndSpinCount
GlobalHandle
CreateProcessA
GetModuleHandleW
VirtualQuery
GetModuleHandleA
HeapSize
GetDateFormatA
GetLocaleInfoW
RtlUnwind
GetCurrentThread
UnhandledExceptionFilter
WriteConsoleInputW
GetStringTypeA
FreeEnvironmentStringsW

shell32

SHFileOperationW
ShellExecuteW
SHEmptyRecycleBinW
DragQueryFile
SHGetSpecialFolderPathW
RealShellExecuteA
ShellExecuteExA
ExtractIconW
SHGetPathFromIDListW
SHGetDesktopFolder
SHChangeNotify
SHGetDataFromIDListA
ExtractIconEx
SHGetDataFromIDListW
SHGetPathFromIDList

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dbcfd62b9a3a42c323f6d589a17e759

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 112KB - Virtual size: 117KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 112KB - Virtual size: 117KB

.rsrc
Size: 11KB - Virtual size: 11KB