3a0fed89b27087c2aaed06f258b39b48

Sharing

Copy URL Twitter E-mail

General

Target

3a0fed89b27087c2aaed06f258b39b48
Size

401KB
MD5

3a0fed89b27087c2aaed06f258b39b48
SHA1

c8da6c332d9dc15b5f80ee276c3f76ffd4a5f91d
SHA256

c8e7c92b85c264484cf625c927bb0ff979b9e1e4e4babd283c16d490e735759c
SHA512

4b7a79d3120036736da331486118adffbe800bb290c34b8e21a36c165787f408b3edd3af9bc1457122f195d4b85ac2ce5e75f541829b452630849215e6c53f00
SSDEEP

6144:E5QmbBq0VB+LYbhk9jlWvEBYGq8g7s5p/RRW29pnkTHPta0ez55GR/dXk+:E5PBB+zhw8BYZs59W29ST1aLz55G/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a0fed89b27087c2aaed06f258b39b48

Files

3a0fed89b27087c2aaed06f258b39b48
.exe windows:4 windows x86 arch:x86

f7d9073cbad308e5edc91cdeec216f67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
GetProcessHeap
VirtualFree
InterlockedIncrement
GetProcAddress
GetStringTypeA
HeapReAlloc
IsDebuggerPresent
FreeEnvironmentStringsW
GetDateFormatA
GetCurrentProcessId
IsValidLocale
GetVolumeInformationA
FreeEnvironmentStringsA
LCMapStringA
OutputDebugStringA
TlsSetValue
GetEnvironmentVariableA
LCMapStringW
OutputDebugStringW
Sleep
LoadLibraryW
CompareStringA
GetLocaleInfoA
GetTimeZoneInformation
SetHandleCount
GetConsoleOutputCP
GetModuleFileNameW
SetStdHandle
ExitProcess
GetTickCount
GetProfileStringW
IsValidCodePage
HeapFree
DeleteCriticalSection
GetModuleFileNameA
GetFileType
LoadLibraryA
WriteFile
TlsFree
VirtualAlloc
ReadConsoleOutputAttribute
CloseHandle
MultiByteToWideChar
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
SetEnvironmentVariableA
EnterCriticalSection
FreeLibrary
GetConsoleCP
HeapValidate
LeaveCriticalSection
GetStartupInfoA
WriteConsoleW
GetSystemTimeAsFileTime
EnumSystemLocalesA
OpenMutexA
FindResourceA
FlushFileBuffers
GetACP
CreateToolhelp32Snapshot
InterlockedDecrement
GetUserDefaultLCID
SetConsoleCtrlHandler
GetThreadTimes
GetCommandLineA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetOEMCP
IsBadReadPtr
GetConsoleMode
EnumSystemCodePagesA
InterlockedExchange
GetEnvironmentStrings
RaiseException
TlsGetValue
HeapCreate
LockFile
SetConsoleTitleA
GetTimeFormatA
GetModuleHandleW
HeapAlloc
HeapSize
GlobalDeleteAtom
FileTimeToSystemTime
GetLocaleInfoW
UnhandledExceptionFilter
GetModuleHandleA
HeapDestroy
GetCurrentThread
GetLastError
WideCharToMultiByte
TlsAlloc
SetLastError
lstrlenA
GetStdHandle
WriteConsoleA
WriteConsoleOutputA
DebugBreak
CreateFileA
GetStringTypeW
VirtualQuery
SetUnhandledExceptionFilter
RtlUnwind
GetCPInfo
CompareStringW
QueryPerformanceCounter

shell32

ExtractIconA
ShellExecuteEx
SHGetFileInfoA
SHUpdateRecycleBinIcon
SHEmptyRecycleBinA
SHGetFileInfo
ExtractIconExW
InternalExtractIconListW
SHGetInstanceExplorer
DragAcceptFiles
RealShellExecuteW

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7d9073cbad308e5edc91cdeec216f67

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 246KB - Virtual size: 246KB

.data Size: 150KB - Virtual size: 158KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 246KB - Virtual size: 246KB

.data
Size: 150KB - Virtual size: 158KB

.rsrc
Size: 3KB - Virtual size: 3KB