379eb7ceeea62e852ffe7e349d6a2c8b

Sharing

Copy URL Twitter E-mail

General

Target

379eb7ceeea62e852ffe7e349d6a2c8b
Size

615KB
MD5

379eb7ceeea62e852ffe7e349d6a2c8b
SHA1

d80139b60b2a3acda19a8ce7fad4770d16fda217
SHA256

a2c5f6e3c585083072541921b72e18a06a3a0680b549ecfd2e186eedcc01d33e
SHA512

249f7f26fb2bc57654640b9c08f914d1436e9b00e64bccf45d03efbae603edf6780611b98e8fe9fdc6bc1454f7516bb9842ea3ab8d1dbdda3eb6d1e4306b97cd
SSDEEP

12288:Ko3Hb6b+cTeISWqDmtY1Lpy1BShg9EedP0ELexnXFi/H:Ko3HbDc/PqyWn+ADe3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379eb7ceeea62e852ffe7e349d6a2c8b

Files

379eb7ceeea62e852ffe7e349d6a2c8b
.exe windows:4 windows x86 arch:x86

38b33505b8993418dbc4c8fc448a7ceb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHQueryRecycleBinA
RealShellExecuteW
SHGetSpecialFolderLocation
FindExecutableA
ExtractAssociatedIconExA

kernel32

HeapFree
GetLocaleInfoW
UnmapViewOfFile
GetStartupInfoA
SetThreadAffinityMask
DuplicateHandle
LeaveCriticalSection
InterlockedIncrement
WriteConsoleOutputW
GlobalLock
LocalFree
FreeResource
InitializeCriticalSection
CreateToolhelp32Snapshot
CloseHandle
GetEnvironmentStringsW
CreateMutexA
GetCurrentProcessId
WriteConsoleOutputAttribute
OpenMutexA
GetSystemInfo
GetTimeFormatA
GetCurrentThread
ReadConsoleOutputCharacterW
HeapSize
HeapCreate
MoveFileExA
GetLastError
LocalAlloc
GlobalGetAtomNameW
WriteFile
ReadFile
GetProfileIntW
SetEnvironmentVariableA
TlsFree
GetCurrentProcess
FlushFileBuffers
WriteProfileStringW
WriteProfileSectionW
GetCurrentThreadId
TlsAlloc
WritePrivateProfileStructA
CompareFileTime
GetUserDefaultLCID
SetConsoleCtrlHandler
GetFileType
SetConsoleWindowInfo
GetDateFormatA
GetACP
IsValidLocale
VirtualFree
HeapReAlloc
TlsGetValue
HeapDestroy
GetTickCount
DebugBreak
ConnectNamedPipe
SetConsoleTextAttribute
GetModuleHandleA
GetVersionExA
LockFile
EnumCalendarInfoExA
EnterCriticalSection
GetExitCodeProcess
lstrlenW
CompareStringW
EnumSystemLocalesA
UnhandledExceptionFilter
WaitCommEvent
FillConsoleOutputCharacterW
GetCalendarInfoA
QueryPerformanceCounter
GetProcAddress
lstrcmp
GlobalAddAtomW
FillConsoleOutputAttribute
SetConsoleScreenBufferSize
DeleteCriticalSection
lstrlen
CompareStringA
OpenMutexW
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
TlsSetValue
WriteConsoleOutputCharacterW
LocalSize
SetStdHandle
GetLocaleInfoA
GetCPInfo
SetHandleCount
GetCommandLineA
WideCharToMultiByte
IsValidCodePage
TerminateProcess
InterlockedExchange
MultiByteToWideChar
LCMapStringW
ExitProcess
SetFilePointer
GetThreadPriorityBoost
GetStdHandle
OpenWaitableTimerA
LoadLibraryA
GetModuleFileNameA
RtlUnwind
GetTimeZoneInformation
FreeEnvironmentStringsA
LCMapStringA
GetStringTypeW
GetModuleFileNameW
FreeEnvironmentStringsW
SetLastError
IsBadWritePtr
VirtualProtect
LocalReAlloc
GetStringTypeA
CreateDirectoryA
GetUserDefaultLangID
GetOEMCP
GetTimeFormatW
HeapAlloc
VirtualAlloc
GetEnvironmentStrings
VirtualQuery
SetFileAttributesW
GetTempFileNameA

comctl32

InitCommonControlsEx
ImageList_LoadImageW
ImageList_SetOverlayImage
ImageList_GetImageCount

user32

FillRect
DdeSetUserHandle
SetActiveWindow
DefWindowProcW
GetClassLongW
ChangeDisplaySettingsExA
VkKeyScanW
DdeUnaccessData
VkKeyScanExW
SetDebugErrorLevel
TranslateAcceleratorW
InSendMessageEx
DlgDirListComboBoxW
EqualRect
ChangeDisplaySettingsW
CreateWindowExA
RegisterClassA
DestroyWindow
ShowWindow
RegisterClassExA
SetWindowsHookExW
EnumDesktopsW
LoadAcceleratorsW
InvalidateRgn
SetMenuContextHelpId
GetCursorPos
MessageBoxW
ExitWindowsEx
FlashWindow
CreateIconFromResourceEx
SetMenuItemInfoA
CopyAcceleratorTableA
CharUpperW
GetMenuDefaultItem
DdeCreateDataHandle
MapVirtualKeyExA
DdeFreeDataHandle
IsCharAlphaNumericW

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38b33505b8993418dbc4c8fc448a7ceb

Headers

File Characteristics

Imports

shell32

kernel32

comctl32

user32

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 246KB - Virtual size: 245KB

.data Size: 110KB - Virtual size: 117KB

.rsrc Size: 104KB - Virtual size: 103KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 246KB - Virtual size: 245KB

.data
Size: 110KB - Virtual size: 117KB

.rsrc
Size: 104KB - Virtual size: 103KB