3944a76d2040ca74aa88a0ec43f6e3f5

Sharing

Copy URL Twitter E-mail

General

Target

3944a76d2040ca74aa88a0ec43f6e3f5
Size

48KB
MD5

3944a76d2040ca74aa88a0ec43f6e3f5
SHA1

5525227a19046bd284f4e3b23341f71a7d43af01
SHA256

8a3b76fe7914ab9fcd8ba762d3f3274843f1dbe4255f43abf41fa58473f19a33
SHA512

a2b459dd8e6eb71f451e31cc1a295ab65fbfe9caf11077155f5134c963a6e9b966b47098e0cf064ea6acc958f03a724bf9bd9adc38756b431e4cd624fe2d5534
SSDEEP

768:1jgVrErKxNhc7e8oNFl253eoNexx38koqtoTYq1H5:mVQKjG7efU5OyWd3oTT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3944a76d2040ca74aa88a0ec43f6e3f5

Files

3944a76d2040ca74aa88a0ec43f6e3f5
.exe windows:4 windows x86 arch:x86

fa8efa8121520a18e95fd9dcd49f9185

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedState
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle
HttpQueryInfoW

netapi32

Netbios

comctl32

_TrackMouseEvent
ord17

kernel32

MapViewOfFile
GlobalLock
GlobalAlloc
CloseHandle
lstrcpyW
CreateFileMappingW
GetProcAddress
GlobalFree
GlobalUnlock
_lclose
_lread
UnmapViewOfFile
FreeLibrary
GetShortPathNameA
CreateMutexW
lstrlenW
_lcreat
_llseek
CreateProcessA
GetDriveTypeA
GetLogicalDriveStringsA
GetLogicalDriveStringsW
FindClose
FindNextFileA
SetCurrentDirectoryA
FindFirstFileA
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
GetStringTypeA
GetStringTypeW
GetLastError
LCMapStringW
LCMapStringA
LoadLibraryA
GetSystemDirectoryA
_lwrite
_lopen
GetSystemTime
WriteFile
VirtualFree
HeapCreate
HeapFree
GetFileType
GetStdHandle
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
GetModuleFileNameA
RtlUnwind
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateDirectoryA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc

user32

SendDlgItemMessageW
SendDlgItemMessageA
GetWindowRect
EndDialog
SetClipboardData
EmptyClipboard
GetWindowTextA
IsWindow
ClientToScreen
LoadMenuW
CreateWindowExW
GetWindowLongW
SetWindowLongW
UpdateWindow
GetMessageW
TranslateMessage
PostMessageW
DispatchMessageW
InsertMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
GetWindowTextW
IsWindowEnabled
GetFocus
OpenClipboard
GetClipboardData
CloseClipboard
SendMessageW
EndPaint
SetFocus
PostQuitMessage
ShowWindow
SetRect
KillTimer
FindWindowW
EnumWindows
wsprintfA
InvalidateRect
MoveWindow
GetActiveWindow
SetWindowTextA
DialogBoxParamA
SetWindowPos
GetSystemMetrics
LoadCursorW
DefWindowProcW
RegisterClassW
SetTimer
BeginPaint

gdi32

DeleteObject
StretchBlt
SelectObject
CreateCompatibleDC
CreateDIBitmap
LineTo
MoveToEx
GetStockObject
DeleteDC

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CLSIDFromProgID
CoInitialize
CoUninitialize

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa8efa8121520a18e95fd9dcd49f9185

Headers

File Characteristics

Imports

wininet

netapi32

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 3KB