3966596c0c7641eba65d58bcb683e47a

General

Target

3966596c0c7641eba65d58bcb683e47a
Size

112KB
MD5

3966596c0c7641eba65d58bcb683e47a
SHA1

42a47e8d76ced8405e3ba43102f892ec7cc794db
SHA256

0874ba8a48e5756278f30064a65792dbf1110acb937c034422e6517e6bfcb514
SHA512

9658273d4b7ba8049ce2611a6b66e00a1822da9f15e6c91ef5f97ef575038629e5745b1fdc71178ea8cc4aa89885addb53bf981a344f5bb594629e8767cd367e
SSDEEP

1536:IWcjzhiv4AYpmVqSAI2cdpimA5KQcQmbE5aNIvIDos5zvpU/KKWuA1PsGkHyd6qe:I4vCmVPAZRgDoc7pqKSAsGNd6q9ZVU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3966596c0c7641eba65d58bcb683e47a

Files

3966596c0c7641eba65d58bcb683e47a
.dll windows:4 windows x86 arch:x86

3aabefbc3cbbdcfa10c34f8303bd0844

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
OpenEventA
lstrlenW
Sleep
LoadLibraryA
ReleaseMutex
InterlockedIncrement
CloseHandle
CopyFileA
GetModuleFileNameA
LocalFree
ExitProcess
WaitForSingleObject
CreateEventA
SetLastError
InterlockedDecrement
LeaveCriticalSection
UnmapViewOfFile
GetModuleHandleA
InterlockedCompareExchange
GetTickCount
MapViewOfFile
EnterCriticalSection
CreateDirectoryA
lstrlenA
GetCommandLineA
GetLastError
CreateProcessA

ole32

CreateBindCtx
CoInitialize
OleSetContainedObject
CoUninitialize
CoCreateGuid
OleCreate

user32

CreateWindowExA
SendMessageA
SetTimer
DispatchMessageA
TranslateMessage
GetMessageA
PostQuitMessage
FindWindowA
RegisterWindowMessageA
GetClassNameA
GetParent
PostMessageA
SetWindowLongA
GetWindowLongA
DestroyWindow
DefWindowProcA
KillTimer
GetSystemMetrics

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA

Exports

Exports

compatNetpnp

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aabefbc3cbbdcfa10c34f8303bd0844

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB