3a8d6f48c3d4103e5b0be50238597a61

Sharing

Copy URL

Twitter E-mail

General

Target

3a8d6f48c3d4103e5b0be50238597a61
Size

479KB
MD5

3a8d6f48c3d4103e5b0be50238597a61
SHA1

470ba3b6d279169809a9dd7a7bb04c8c72e5dbca
SHA256

932f4ef15217f8613c2717b036fc8a26576919d8d66a8b5deaa9ae0563a12c36
SHA512

4e27cf133b443322288107f2c6f472407fb2e14bacb1a1017c8db38dc451d3b95d9dcfaf1c4d5bb5d2828298cc34d88ff111c826d0e15fcf1ff7392fccb1c0ba
SSDEEP

12288:J5AGfbrVNlxR2rLXLTP8rAkf4LWNNQEY9kiWr9x9F:RjDlirhXmNQL9k7r9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a8d6f48c3d4103e5b0be50238597a61

Files

3a8d6f48c3d4103e5b0be50238597a61
.exe windows:4 windows x86 arch:x86

d7c4228fc726632277b04381bd4b92d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
EnterCriticalSection
RtlUnwind
HeapCreate
DeleteCriticalSection
GetCurrentProcess
GetStringTypeW
VirtualAlloc
SetHandleCount
LCMapStringW
HeapReAlloc
GetProcessHeap
SetFileTime
GetOEMCP
GetCurrentThread
SetEnvironmentVariableA
GetModuleFileNameA
GetEnvironmentStrings
GetVersionExA
ExitProcess
GetLastError
GetUserDefaultLCID
InitializeCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetTimeFormatA
GetCommandLineA
IsDebuggerPresent
QueryPerformanceCounter
WideCharToMultiByte
TlsAlloc
WritePrivateProfileSectionW
Sleep
UnhandledExceptionFilter
GetCPInfo
HeapAlloc
GetStdHandle
HeapFree
CreateFileMappingA
SetLastError
GetCurrentProcessId
CompareStringW
HeapDestroy
GetTimeZoneInformation
TlsGetValue
InterlockedIncrement
GetACP
GetLocaleInfoA
HeapSize
GetDateFormatA
LCMapStringA
TlsFree
WaitForSingleObjectEx
EnumSystemLocalesA
GetModuleHandleA
RtlMoveMemory
GetFileType
CompareStringA
FillConsoleOutputCharacterA
SetUnhandledExceptionFilter
GetProcAddress
WaitNamedPipeA
FreeLibrary
InterlockedDecrement
GetProcAddress
GetLocaleInfoW
GetStartupInfoA
FreeEnvironmentStringsA
LeaveCriticalSection
InterlockedExchange
IsValidCodePage
WriteFile
GetStringTypeA
VirtualQuery
VirtualFree
TlsSetValue
GetDiskFreeSpaceA
SetConsoleCtrlHandler
GetCurrentThreadId
IsValidLocale
GetSystemDirectoryA
TerminateProcess

gdi32

PlgBlt
GetTextExtentPoint32W
SetICMProfileA
CreateEnhMetaFileA
GetObjectW
SetFontEnumeration
GetKerningPairsW
SetBkMode
EndDoc
EndPath
OffsetRgn

shell32

ExtractIconA
ExtractAssociatedIconExW
SHGetDataFromIDListW
RealShellExecuteExW
SHBrowseForFolderA
SHUpdateRecycleBinIcon

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7c4228fc726632277b04381bd4b92d4

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

Sections

.text Size: 154KB - Virtual size: 153KB

.data Size: 313KB - Virtual size: 335KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 154KB - Virtual size: 153KB

.data
Size: 313KB - Virtual size: 335KB

.rsrc
Size: 11KB - Virtual size: 10KB