3a2db634ba3ea4948b9335f07f71edb8

Sharing

Copy URL Twitter E-mail

General

Target

3a2db634ba3ea4948b9335f07f71edb8
Size

92KB
MD5

3a2db634ba3ea4948b9335f07f71edb8
SHA1

743e11f174d825cf9bb9077429266906a41b5ff0
SHA256

ed803795d4b9660deb8b9ea0fb99b1993a7dc2111e8b38f4ee6b6b13b0a1ffca
SHA512

66f4e761d0665699defaca3c127ca37c05eb03e2db311bc52bb3cd29ebef3d3e8af23f3ed35febe29c26b7b01907608e83a007ff815110c1745860331d631076
SSDEEP

1536:DYdJ/lyWtzAU2Zdg+gLspZdlZgoOoRGhWVSUihMTVHQmUrJMuOFVQ7hv0Z8vQ0:yyWtzAVZzB7goDGhmjiWT5QTPSVQ7aZ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a2db634ba3ea4948b9335f07f71edb8

Files

3a2db634ba3ea4948b9335f07f71edb8
.exe windows:5 windows x86 arch:x86

deb90827d020e21ad24a10fd81a16ef4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf

gdiplus

GdipCloneMatrix
GdipCreateMatrix
GdipPrivateAddFontFile
GdipIsVisibleRect
GdipIsVisibleRectI
GdipGetFontCollectionFamilyList
GdipPathIterGetSubpathCount
GdipPathIterIsValid
GdipPathIterHasCurve

kernel32

LocalAlloc
FreeLibrary
InterlockedExchange
GetLastError
SearchPathW
CancelDeviceWakeupRequest
GetTapePosition
SearchPathA
PrepareTape
MoveFileA
RequestDeviceWakeup
LoadLibraryA
HeapAlloc
GetEnvironmentVariableA
GetModuleHandleA
CloseHandle
GetThreadContext
SetErrorMode
SetUnhandledExceptionFilter
HeapFree
GetModuleHandleExW
HeapCreate
SetTimeZoneInformation
MultiByteToWideChar
GetProcAddress
GlobalFree
GlobalHandle
RaiseException
GetCommandLineW

user32

GetMenuItemCount
FrameRect
GetSysColorBrush
GetListBoxInfo
SetWindowLongW
ReleaseDC
GetWindowLongW
SetRect
TrackPopupMenuEx
GetMenu
LockWindowUpdate
TranslateMessage
GetDC
wsprintfW
DialogBoxParamW
GetFocus
GetWindowDC
GetWindowRect
GetMessageA
DispatchMessageA
DestroyMenu

advapi32

RegCreateKeyW
RegisterServiceCtrlHandlerA
RegQueryInfoKeyW
ChangeServiceConfigA
QueryServiceStatus
RegOpenKeyExW
InitiateSystemShutdownExW
QueryServiceConfigW

Exports

Exports

_DisplayDialog@12
_GetOffset@8
_ResetCounter@4
_Set_Event@8

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

deb90827d020e21ad24a10fd81a16ef4

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

gdiplus

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 216B

.rsrc Size: 79KB - Virtual size: 78KB

.reloc Size: 1024B - Virtual size: 526B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 216B

.rsrc
Size: 79KB - Virtual size: 78KB

.reloc
Size: 1024B - Virtual size: 526B