3aa1575a36749af8441f15e641f6161a

Sharing

Copy URL Twitter E-mail

General

Target

3aa1575a36749af8441f15e641f6161a
Size

48KB
MD5

3aa1575a36749af8441f15e641f6161a
SHA1

fc47b6a5e03260c6e6616aa3849d3c3f7a3b383e
SHA256

a54e6d0e97930f419a98ff770232d20a5f5940309dc9b693fe3bd198f9f80d8c
SHA512

7296362da49632018c5d4c6760c966ce0570aa4c2cb8334260f84466c5515eddd8a9aeffaddbd068a8b5dea2cf16c328c5a60b402bb40406fcc0a301f92ed1c9
SSDEEP

768:rgnraG3U4SVBtaYkeLwQ2w/mspa/fyEFV7C:rgnraGWvtaCkfwvmV7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aa1575a36749af8441f15e641f6161a

Files

3aa1575a36749af8441f15e641f6161a
.exe windows:4 windows x86 arch:x86

2896d9cb83a5b2420a0f08268bae4e01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_ReplaceIcon
ImageList_Read
ImageList_DragEnter
ImageList_DragMove
ImageList_DrawEx
ImageList_Draw
ImageList_DragLeave
ImageList_Merge
ImageList_Copy
ImageList_Destroy
ImageList_GetIcon
InitCommonControls
ImageList_GetImageRect
ImageList_Replace
ImageList_GetImageInfo
ImageList_LoadImage
ImageList_GetDragImage
ImageList_BeginDrag

user32

InsertMenuA
CreateIcon
GetDlgItem
CopyIcon
CalcMenuBar
GetWindowTextLengthA
DialogBoxParamA
CopyRect
GetMenu
IsMenu
IsWindow
DrawTextW
DrawTextA
LoadCursorA
LoadMenuA
GetDC

gdi32

AbortPath
AddFontMemResourceEx
RestoreDC
DeleteObject
BeginPath
GetPixel
AddFontResourceW
CloseMetaFile
AddFontResourceA
CreateSolidBrush
GetBrushOrgEx
GetDCOrgEx
AddFontResourceExW
BitBlt
GetClipBox
CopyMetaFileA
ExtTextOutA
GetCurrentPositionEx

kernel32

GetStringTypeW
GetStdHandle
GetLastError
GetFileType
SetLastError
lstrcpyA
GlobalFree
lstrlenA
GetCPInfo
GetFileAttributesA
GetFullPathNameA
Sleep
GetModuleFileNameA
GetCommandLineA
CloseHandle
lstrcmpiA
GlobalAlloc
HeapFree

advapi32

RegEnumKeyW
RegEnumValueA
RegQueryValueA
RegEnumValueW
RegQueryInfoKeyW
RegReplaceKeyA
RegEnumKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueW
RegLoadKeyA
RegQueryValueExW
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyW
RegDeleteValueW
RegCreateKeyExA
RegReplaceKeyW
RegEnumKeyA
RegOpenKeyExW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 490B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2896d9cb83a5b2420a0f08268bae4e01

Headers

File Characteristics

Imports

comctl32

user32

gdi32

kernel32

advapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 181KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 490B

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 181KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 490B