39c629c33308f2e296ba10deb9560015

General

Target

39c629c33308f2e296ba10deb9560015
Size

169KB
MD5

39c629c33308f2e296ba10deb9560015
SHA1

41d5ac1506176e749a822be754ecd0e7849fcfcc
SHA256

e29e2e8c25f723a790b49582abd0abc2f01d3cb71b185d410fbb768e8dc5aabd
SHA512

48dcef1c0e6fdc3d8864497da1cc52e8ae3b1a00f36c755e85d934d926a96ffba6df88abee351107f97ddc2111d24ac8a32e2776cf6887bb8a63c17df5af95de
SSDEEP

3072:z8kzmVmseYQ5h2tWhP76aDAmUMEI/g0N8/3xUmURPzMY:wSmVmshQPSWhmvmEF/hUmURPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c629c33308f2e296ba10deb9560015

Files

39c629c33308f2e296ba10deb9560015
.exe windows:4 windows x86 arch:x86

6ef53a8c81e427d89fa1f7beca3dae53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
HeapDestroy
VirtualAlloc
AddAtomA
FreeEnvironmentStringsW
TlsSetValue
GetVersionExA
TerminateProcess
QueryPerformanceCounter
GetCPInfo
SetEndOfFile
GetStartupInfoA
GetEnvironmentStringsW
TlsGetValue
GetSystemInfo
TlsFree
GetStdHandle
EnumResourceLanguagesA
GetLocaleInfoA
HeapSize
HeapCreate
GetCurrentProcessId
GetCurrentProcess
lstrcpyW
SetHandleCount
GetOEMCP
GetACP
GetEnvironmentStrings
GetFileType
GetModuleFileNameA
VirtualFree
WriteFile
VirtualQuery
FreeEnvironmentStringsA
InterlockedExchange
IsBadWritePtr
TlsAlloc
UnhandledExceptionFilter
SetLastError
SetUnhandledExceptionFilter

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

CreateWindowExW
IsWindow
DestroyWindow
GetDlgItem
EnumChildWindows
SendMessageA
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

shell32

SHGetFolderPathW

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 87KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ef53a8c81e427d89fa1f7beca3dae53

Headers

File Characteristics

Imports

kernel32

mprapi

user32

newdev

iphlpapi

shell32

setupapi

Sections

.text Size: 87KB - Virtual size: 487KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 487KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 512B - Virtual size: 4KB