3a52f3a5871af94497b77c8ade543f08

Sharing

Copy URL

Twitter E-mail

General

Target

3a52f3a5871af94497b77c8ade543f08
Size

395KB
MD5

3a52f3a5871af94497b77c8ade543f08
SHA1

2745039b6adaa39b128c96120e2ae49577a1ba0a
SHA256

21c82032dff9dd433785d31b1e38149c0a5913ae9236c53ad0bc3cc660df97f9
SHA512

37a034fe72b88c6c4c778d148d229880ceba88db5a6a2e2cdb528b82cbb495481488d3328be49c18e63c327625fb2b3c8619520848c772e3072015cbabdc48f3
SSDEEP

6144:Vru17Q1dQMWcP71gk0M+3jakmiOPzKvJOuqCA2srjuqV4TkytAarzaMfQ4QeGedM:VKJzrzOMsXAXtAaPjfrd/8kYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a52f3a5871af94497b77c8ade543f08

Files

3a52f3a5871af94497b77c8ade543f08
.exe windows:4 windows x86 arch:x86

46b6d220ae4386a046f8bfa8488ce784

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetStartupInfoW
GetStringTypeA
IsValidLocale
GetProcAddress
GetStringTypeW
HeapReAlloc
LCMapStringW
GetPrivateProfileSectionNamesW
GetEnvironmentStrings
GetCurrentProcessId
MultiByteToWideChar
CreateMutexA
EnumSystemLocalesA
SetEnvironmentVariableA
TlsGetValue
GetSystemInfo
GetProfileIntA
SetHandleCount
TlsSetValue
GetACP
TlsAlloc
IsBadWritePtr
GetLocaleInfoW
GetTimeZoneInformation
TerminateThread
GetCurrentThread
SetUnhandledExceptionFilter
WriteFileEx
ExitProcess
GetTickCount
LocalFree
LeaveCriticalSection
HeapFree
CompareStringA
GetModuleFileNameA
GetLastError
LoadLibraryA
QueryPerformanceCounter
InterlockedExchangeAdd
VirtualAlloc
HeapValidate
MoveFileExA
TlsFree
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
VirtualProtect
CompareStringW
FreeEnvironmentStringsA
GetCommandLineA
HeapSize
SetLastError
GetStdHandle
TryEnterCriticalSection
GetSystemTimeAsFileTime
DeleteCriticalSection
FormatMessageW
SetConsoleCursorInfo
EnterCriticalSection
FreeEnvironmentStringsW
LocalCompact
IsValidCodePage
GetUserDefaultLCID
VirtualFree
ExpandEnvironmentStringsA
GetCPInfo
InitializeCriticalSection
WideCharToMultiByte
GetStartupInfoA
LCMapStringA
GetCommandLineW
WriteProfileSectionA
InterlockedExchange
GetEnvironmentStringsW
UnhandledExceptionFilter
HeapLock
GetVersionExA
GetMailslotInfo
GetConsoleCP
GetTimeFormatA
GetOEMCP
HeapAlloc
HeapDestroy
lstrcpy
SetStdHandle
GetModuleFileNameW
VirtualQuery
GetModuleHandleA
HeapCreate
GetDateFormatA
GetLocaleInfoA
RtlUnwind
GetPrivateProfileIntA
WriteFile

shell32

RealShellExecuteExW
DoEnvironmentSubstA
SHFormatDrive
SHAddToRecentDocs
RealShellExecuteExA
DragAcceptFiles
ShellAboutW

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46b6d220ae4386a046f8bfa8488ce784

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 270KB - Virtual size: 274KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 270KB - Virtual size: 274KB

.rsrc
Size: 7KB - Virtual size: 6KB