3abdda8684356edd6781d05f27940240

Sharing

Copy URL Twitter E-mail

General

Target

3abdda8684356edd6781d05f27940240
Size

425KB
MD5

3abdda8684356edd6781d05f27940240
SHA1

b07b4a3b285d37cb441bc9276b79cf0080cf7242
SHA256

902e2cf35d94a4e548c986ba7d2c982734c6cde719330cdbdd4a1a7f2212cf82
SHA512

c15c3785a33a19d50530f0c991de71908232dedb2e3643663e687de7e2093be6fd55157d3a76a1d6cbcaebf50f2e7f5776cea0d4f01ec38d9f13b9c774fa0783
SSDEEP

12288:LMoWnFpWVffE2GuN0zgmoOgbvSBRzPUoMKhTwRUax:L/WnFUfbtNUgPOs4PUojhTcU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3abdda8684356edd6781d05f27940240

Files

3abdda8684356edd6781d05f27940240
.exe windows:4 windows x86 arch:x86

515d292fd58f2f5846e503be32b763cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetInstanceExplorer
SHInvokePrinterCommandA

kernel32

InterlockedExchange
TlsGetValue
GetModuleFileNameW
GetCommandLineA
RtlUnwind
SetHandleCount
GlobalGetAtomNameW
GetTempPathW
GetEnvironmentStrings
FoldStringA
WaitForMultipleObjects
HeapReAlloc
ExitProcess
GetProcAddress
GetEnvironmentStringsW
GetShortPathNameW
TlsFree
LeaveCriticalSection
WriteConsoleOutputCharacterW
TerminateProcess
GetLastError
GetModuleHandleA
GetCurrentThread
GetNamedPipeHandleStateW
GetVersion
IsBadWritePtr
FreeEnvironmentStringsW
HeapAlloc
GetStdHandle
GetCurrentThreadId
GetTickCount
GetStartupInfoA
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetStartupInfoW
HeapDestroy
GetConsoleTitleW
EnumCalendarInfoW
GetModuleFileNameA
VirtualFree
UnhandledExceptionFilter
HeapFree
LoadLibraryA
GetCurrentProcess
GetEnvironmentStringsA
VirtualQuery
GetCommandLineW
GetFileType
GetCurrentProcessId
TlsAlloc
EnterCriticalSection
WriteFile
GetVersionExA
MultiByteToWideChar
SetLastError
SetConsoleCtrlHandler
HeapCreate
VirtualAlloc
FreeEnvironmentStringsA
GetSystemTimeAdjustment
GetSystemTimeAsFileTime

comdlg32

PageSetupDlgA
GetFileTitleA
ChooseFontW

advapi32

LogonUserA
RegRestoreKeyW

wininet

CommitUrlCacheEntryW
InternetCanonicalizeUrlA
FindFirstUrlCacheGroup

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

515d292fd58f2f5846e503be32b763cf

Headers

File Characteristics

Imports

shell32

kernel32

comdlg32

advapi32

wininet

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 3KB - Virtual size: 32KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 3KB - Virtual size: 32KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 15KB - Virtual size: 14KB