39e11c3bac3cc4c04867f0d86be95c12

Sharing

Copy URL Twitter E-mail

General

Target

39e11c3bac3cc4c04867f0d86be95c12
Size

428KB
MD5

39e11c3bac3cc4c04867f0d86be95c12
SHA1

67f8985c18040c2bb53a712089a34272ba2a9c10
SHA256

8321d762461bbe85dff81b6bd03c1c00e57dee04ad0c79c2c1b35d3d39a4d3bd
SHA512

44471bd0836262745d91d09bc167710ecb42fbc976bfb119ea0c5fa7d67a593e8204291e342a68e437916f1d7c232c60a8ea8ed2cb8095379eef05cefdbc6d2c
SSDEEP

12288:A6VcUY5/FGRS7kYf+l4+9gpiJwH5bUe1nEV:AF9Hf+lLKiJw6Ke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39e11c3bac3cc4c04867f0d86be95c12

Files

39e11c3bac3cc4c04867f0d86be95c12
.exe windows:4 windows x86 arch:x86

448aa144161f42e013ef266c798e7494

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetProcessHeap
CreateProcessA
GetDiskFreeSpaceExW
GetEnvironmentStringsW
LocalReAlloc
HeapAlloc
TlsFree
MultiByteToWideChar
InterlockedDecrement
SetHandleCount
EnumDateFormatsW
SetConsoleOutputCP
EnterCriticalSection
WriteFile
LeaveCriticalSection
VirtualFree
GetLocaleInfoA
GetLocaleInfoW
GlobalUnfix
IsValidLocale
FreeLibrary
GetModuleFileNameW
GetACP
RtlMoveMemory
GetStdHandle
SetEnvironmentVariableA
GetLastError
GetProcAddress
GetFullPathNameA
GetFileType
Sleep
lstrcmpiW
FreeEnvironmentStringsW
CreateSemaphoreW
GetStringTypeA
VirtualQuery
InitializeCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
GetTimeFormatA
SetConsoleCtrlHandler
GetEnvironmentStrings
HeapReAlloc
HeapSize
ExitProcess
GetOEMCP
GetPrivateProfileIntW
VirtualAlloc
TlsAlloc
QueryPerformanceCounter
GetCurrentProcess
GetVersionExA
GetModuleHandleA
GetCommandLineW
GetTimeZoneInformation
GetUserDefaultLCID
GetCurrentThreadId
IsValidCodePage
TlsSetValue
FreeEnvironmentStringsA
GetCurrentThread
GetCurrentProcessId
WideCharToMultiByte
HeapCreate
EnumSystemLocalesA
AddAtomA
GetTickCount
GetStartupInfoW
ReleaseSemaphore
GetCommandLineA
LCMapStringA
InterlockedIncrement
RtlUnwind
GetCPInfo
GetSystemTimeAsFileTime
InterlockedExchange
HeapDestroy
CommConfigDialogA
RaiseException
GetDateFormatA
UnhandledExceptionFilter
GetStartupInfoA
GetStringTypeW
HeapFree
TerminateProcess
LoadLibraryA
WriteProfileSectionA
SetLastError
TlsGetValue
CompareStringW
GetModuleFileNameA
LCMapStringW

comdlg32

ChooseColorA

user32

RemovePropA
UnhookWindowsHook
DdeQueryStringA
WindowFromDC
GetMonitorInfoW
DrawTextExA
RemovePropW
ReleaseCapture
SetMessageQueue
CharToOemA
MonitorFromPoint
RedrawWindow
DdeNameService
GetMenuState
RegisterClassW
AdjustWindowRectEx
TrackPopupMenu
GetMenuItemID

shell32

DragFinish
SHAppBarMessage
SHBrowseForFolder
SheChangeDirExW
SHGetMalloc
DragQueryFileA
DoEnvironmentSubstW
ExtractIconW
ExtractIconA
ShellExecuteExW
ExtractAssociatedIconExW
ExtractAssociatedIconExA

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

448aa144161f42e013ef266c798e7494

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

shell32

Sections

.text Size: 138KB - Virtual size: 138KB

.data Size: 273KB - Virtual size: 273KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 138KB - Virtual size: 138KB

.data
Size: 273KB - Virtual size: 273KB

.rsrc
Size: 15KB - Virtual size: 14KB