386bcd891a5b56533bb53d149f3c6d99

Sharing

Copy URL

Twitter E-mail

General

Target

386bcd891a5b56533bb53d149f3c6d99
Size

529KB
MD5

386bcd891a5b56533bb53d149f3c6d99
SHA1

56a46a0ec1d3617bcfa9a024129e38d50edaefb4
SHA256

767e7c1f3516a4b55050342a15e0412f4765c68b9deecebd17a53e9b4456c57a
SHA512

d9dd41bfbf467a8f88aee34aed5e6d7133c5c60d787ec63e2767d0741984160832ba8fc57d589e8dfb7ffbddb3b9c1ffc5f69d0fcf386d7b944731aa4026870c
SSDEEP

12288:xiUCs5TaTHB9tIuYvhlwO07FCQHAusZyNBIpT+hQylbpIEpVGtemhDWJ:xiUCGTaTHBnInvh6D7gQHAusZywKhQy/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386bcd891a5b56533bb53d149f3c6d99

Files

386bcd891a5b56533bb53d149f3c6d99
.exe windows:4 windows x86 arch:x86

bcd591ceadd4d1e856de3c80d7d78210

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
HeapFree
GetEnvironmentStringsW
TerminateProcess
DeleteCriticalSection
lstrcmpiW
WideCharToMultiByte
GetConsoleTitleW
GetTickCount
VirtualAlloc
SetLastError
OpenMutexA
LoadLibraryA
GetCommandLineA
GetCommandLineW
InterlockedDecrement
InitializeCriticalSection
GetModuleHandleA
FreeEnvironmentStringsW
GetTimeZoneInformation
GetCurrentThreadId
CompareStringW
EnterCriticalSection
GetCurrentThread
GetVersion
HeapAlloc
UnhandledExceptionFilter
VirtualUnlock
GetStdHandle
LCMapStringA
GetLastError
SetStdHandle
FlushFileBuffers
GetStringTypeA
TlsAlloc
IsBadWritePtr
HeapDestroy
MultiByteToWideChar
GetModuleFileNameW
GetCPInfo
HeapReAlloc
WaitNamedPipeA
GetCurrentProcessId
SetFilePointer
VirtualFree
GetEnvironmentStrings
GetPrivateProfileIntA
GetLocalTime
FreeEnvironmentStringsA
LCMapStringW
GetStringTypeW
CreateMutexA
WriteFile
QueryPerformanceCounter
RtlUnwind
CompareStringA
VirtualQuery
GetFileType
WritePrivateProfileStringA
TlsGetValue
GetCurrentProcess
CloseHandle
TlsSetValue
LeaveCriticalSection
GetStartupInfoW
ReadFile
InterlockedIncrement
ExitProcess
GetModuleFileNameA
GlobalSize
GetSystemTimeAsFileTime
GetSystemTime
InterlockedExchange
HeapCreate
SetHandleCount
GetStartupInfoA
TlsFree
SetEnvironmentVariableA

comctl32

GetEffectiveClientRect
CreateStatusWindowW
ImageList_LoadImageW
DrawStatusTextW
CreateToolbarEx
ImageList_GetDragImage
CreateToolbar
ImageList_LoadImage
DrawInsert
ImageList_SetBkColor
ImageList_AddIcon
DestroyPropertySheetPage
ImageList_DrawEx
InitCommonControlsEx
ImageList_GetImageRect
CreatePropertySheetPageA
ImageList_GetIcon
ImageList_AddMasked
ImageList_SetImageCount

user32

GetMenuInfo
ChangeDisplaySettingsExA
SetMessageQueue
RegisterClassA
DefWindowProcA
OpenDesktopA
CreateIconFromResource
MessageBoxA
IsWindowUnicode
LoadCursorA
CreateMDIWindowA
DestroyWindow
LoadKeyboardLayoutA
DragDetect
CharPrevA
GetMenuItemRect
IsCharAlphaW
RegisterClassW
MessageBoxIndirectA
RegisterClassExA
CreateWindowExW
ShowWindow
GetUpdateRgn
SetScrollRange
GetDoubleClickTime

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcd591ceadd4d1e856de3c80d7d78210

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 201KB - Virtual size: 232KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 201KB - Virtual size: 232KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 51KB - Virtual size: 51KB