3a1d2faa31e5cb5f8198a6c87e6156c9

Sharing

Copy URL

Twitter E-mail

General

Target

3a1d2faa31e5cb5f8198a6c87e6156c9
Size

384KB
MD5

3a1d2faa31e5cb5f8198a6c87e6156c9
SHA1

b3064aea214f8a0f6db46308d438dd245d8f25c4
SHA256

686352c3df7cbace942cc5c552df75cbd73c267baf8521d719655fd2948e7957
SHA512

4852e2586cd5bc2dcdf45016a08c767874b43acd3c422ae6f748beb6f62ccfae2d522d014656bcd6bdfe3568446555bed44700e5155a1c073401a54686edace0
SSDEEP

6144:MwsMYd/1eWItX9O8C2EdnFodgO/+GeZeNodQAyLn2ctnzd0fo1Quk2AdyyzgkVA:MwDkAWwX9q2EtFS/+Ds2eAyzpz2QSx5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a1d2faa31e5cb5f8198a6c87e6156c9

Files

3a1d2faa31e5cb5f8198a6c87e6156c9
.exe windows:4 windows x86 arch:x86

d7618e10ced6c64032dcb26c07b5376f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
ChooseFontW

gdi32

ResetDCW
GetTextCharsetInfo
AnimatePalette
GetBoundsRect
EnumICMProfilesA
GetICMProfileW
GetTextFaceA
CloseMetaFile
SetMapperFlags
PlayMetaFileRecord
Ellipse
PolyBezierTo
PolyTextOutA
GetGlyphOutlineA
GetCharABCWidthsFloatW
SetColorAdjustment
SetLayout
EnumObjects
GdiSetBatchLimit
CheckColorsInGamut
PtVisible
GetKerningPairsA
GetEnhMetaFileDescriptionW
SetPixel

shell32

FindExecutableW

comctl32

ImageList_GetFlags
ImageList_BeginDrag
ImageList_Duplicate
ImageList_AddMasked
GetEffectiveClientRect
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_SetFilter
InitMUILanguage
DrawStatusTextA
ImageList_SetDragCursorImage
ImageList_Write
DrawStatusTextW
ImageList_ReplaceIcon
ImageList_Read
ImageList_SetFlags
ImageList_GetImageRect
InitCommonControlsEx
MakeDragList

user32

SetWindowsHookW
DdeDisconnectList
SetClipboardData
GetMenuStringA
GetScrollInfo
DefWindowProcA
DestroyWindow
CreateWindowExW
InvalidateRgn
LoadCursorFromFileA
RegisterClassExA
DestroyMenu
GrayStringA
SetScrollInfo
MessageBoxA
MoveWindow
RegisterClassA
DefWindowProcW
GetTabbedTextExtentW
CallNextHookEx
CheckDlgButton
ShowWindow
GetMessageW
ClientToScreen
SetLastErrorEx
GetTitleBarInfo
DdeSetUserHandle

kernel32

VirtualFree
SetStdHandle
InitializeCriticalSection
GetCurrentThread
GlobalHandle
HeapValidate
GetFileType
MultiByteToWideChar
FreeEnvironmentStringsW
GetModuleFileNameW
VirtualAlloc
GetVersionExA
TlsFree
GetWindowsDirectoryW
TlsSetValue
GetSystemTimeAsFileTime
RtlUnwind
GetFileAttributesW
QueryPerformanceCounter
InterlockedIncrement
OpenFileMappingA
IsValidCodePage
RtlZeroMemory
FlushFileBuffers
LeaveCriticalSection
GetDateFormatA
HeapCreate
GetEnvironmentStringsW
IsBadReadPtr
VirtualQuery
GetTimeZoneInformation
GetCurrentProcessId
GetOEMCP
GetTimeFormatA
ExitProcess
TlsGetValue
GetTickCount
IsBadWritePtr
GetStdHandle
InterlockedExchange
OutputDebugStringA
GetCompressedFileSizeA
TlsAlloc
SetConsoleCtrlHandler
SetEnvironmentVariableA
Sleep
GetModuleFileNameA
HeapAlloc
GetCurrentProcess
GetStringTypeA
SetComputerNameA
TerminateProcess
GetStringTypeW
CompareStringA
HeapFree
SetFilePointer
GetCommandLineA
LCMapStringW
LoadLibraryA
GetLogicalDriveStringsA
CloseHandle
DebugBreak
CompareStringW
WideCharToMultiByte
SetLastError
ReadFile
GetProcAddress
GetLocaleInfoW
LCMapStringA
OpenMutexA
EnumSystemLocalesA
CreateSemaphoreW
PulseEvent
GetUserDefaultLCID
HeapDestroy
GetModuleHandleA
WritePrivateProfileSectionW
DeleteCriticalSection
SetHandleCount
GetStartupInfoW
WriteFile
GetLastError
HeapReAlloc
WriteConsoleOutputCharacterA
IsValidLocale
FreeResource
UnhandledExceptionFilter
GetACP
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
EnterCriticalSection
GetCurrentThreadId
GetSystemInfo
CreateMutexA
FlushConsoleInputBuffer
GetLocaleInfoA
InterlockedDecrement
GetCommandLineW
VirtualProtect
GetCPInfo

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7618e10ced6c64032dcb26c07b5376f

Headers

File Characteristics

Imports

comdlg32

gdi32

shell32

comctl32

user32

kernel32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 96KB - Virtual size: 114KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 96KB - Virtual size: 114KB

.rsrc
Size: 8KB - Virtual size: 6KB