38ed404417e20d818d9ce8a60682137c

Sharing

Copy URL Twitter E-mail

General

Target

38ed404417e20d818d9ce8a60682137c
Size

320KB
MD5

38ed404417e20d818d9ce8a60682137c
SHA1

7f89422278076c5cac4dff7a24c35b84742a6d14
SHA256

bc207fd3ee74fc361b36b236343488c6311f454cf81ee14523b1a9bc9ed479ad
SHA512

d40a6bb2042b0bc9ee04636b6640e9a02d39ec0c87aee62b5573e0610855ff4cf1a37721121ef1f46ca21845b0a346cef2b772626fccaa19da3affbf7365c75f
SSDEEP

6144:zSvOcaliYu8oEdbo/IaaFSwo2CNKnyNS9dEh3o6Olh/Qu:zSkrdbo/xafon6Z9ChYLlhl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38ed404417e20d818d9ce8a60682137c

Files

38ed404417e20d818d9ce8a60682137c
.exe windows:4 windows x86 arch:x86

3411f256cfe368a576018f68b5bd17ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellAboutW

wininet

InternetSetDialState
InternetOpenUrlW
IsUrlCacheEntryExpiredW
GopherFindFirstFileA
CreateUrlCacheContainerA
SetUrlCacheConfigInfoA
FtpRemoveDirectoryW
DeleteIE3Cache
HttpSendRequestA

user32

PostThreadMessageA
CloseDesktop
DrawMenuBar
RegisterClassExA
TileChildWindows
CharToOemBuffA
GetMenuItemCount
DestroyAcceleratorTable
GetOpenClipboardWindow
GetMessageTime
ImpersonateDdeClientWindow
GetWindowTextA
VkKeyScanExW
SetWindowsHookW
ChangeDisplaySettingsExA
GetKeyNameTextW
RegisterClassA
DefWindowProcW
GetNextDlgGroupItem
ModifyMenuW
SetThreadDesktop
MessageBoxIndirectW

kernel32

GetEnvironmentStringsW
OpenMutexA
UnhandledExceptionFilter
GetDateFormatA
GetSystemInfo
TlsSetValue
DeleteCriticalSection
EnterCriticalSection
GetLocaleInfoA
GetUserDefaultLCID
WideCharToMultiByte
TlsAlloc
HeapFree
QueryPerformanceCounter
FreeEnvironmentStringsW
ReadFile
CreateMutexA
lstrcpynA
InterlockedExchange
SetStdHandle
GetEnvironmentStrings
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetStartupInfoA
GetCurrentProcessId
SetFilePointer
SetLastError
GetModuleHandleA
HeapReAlloc
LeaveCriticalSection
GetLocaleInfoW
LoadLibraryA
TerminateProcess
InterlockedIncrement
GetOEMCP
GetProcAddress
EnumSystemLocalesA
GetVersionExA
VirtualFree
GetCPInfo
SetEnvironmentVariableA
IsValidCodePage
InitializeCriticalSection
GetModuleFileNameA
RtlUnwind
GetStringTypeW
CopyFileA
GetTimeZoneInformation
GetStringTypeA
FlushFileBuffers
CloseHandle
VirtualAlloc
TlsGetValue
GetACP
GetTimeFormatA
HeapAlloc
GetCommandLineA
HeapDestroy
VirtualProtect
TlsFree
VirtualQuery
HeapCreate
WriteFile
GetCurrentThread
GetLastError
ExitProcess
LCMapStringA
GetTickCount
CompareStringW
GetVolumeInformationW
GetCurrentProcess
IsValidLocale
IsBadWritePtr
GetStdHandle
GetCurrentThreadId
MultiByteToWideChar
HeapSize
SetHandleCount
GetFileType
CompareStringA
LCMapStringW

advapi32

LookupAccountSidA
RegDeleteValueA
CryptVerifySignatureA
RegSaveKeyW
CreateServiceW
RegEnumKeyA
RegQueryValueExA
CryptGetDefaultProviderW
CryptEncrypt
DuplicateToken
RegSetValueW
RegQueryValueExW
LookupPrivilegeNameA
RegCreateKeyExW
CryptSetHashParam
RegDeleteKeyA
InitiateSystemShutdownA
CryptEnumProviderTypesA
RegSetValueA
CryptGetHashParam
CryptSetKeyParam
LookupSecurityDescriptorPartsA
CryptSetProviderA
AbortSystemShutdownA

comctl32

InitCommonControlsEx

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3411f256cfe368a576018f68b5bd17ed

Headers

File Characteristics

Imports

shell32

wininet

user32

kernel32

advapi32

comctl32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 9KB - Virtual size: 40KB

.data Size: 172KB - Virtual size: 171KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 9KB - Virtual size: 40KB

.data
Size: 172KB - Virtual size: 171KB

.rsrc
Size: 7KB - Virtual size: 7KB