3aac8f3aefdeebc9dc3b29b3e71d9bf5

Sharing

Copy URL Twitter E-mail

General

Target

3aac8f3aefdeebc9dc3b29b3e71d9bf5
Size

465KB
MD5

3aac8f3aefdeebc9dc3b29b3e71d9bf5
SHA1

473b59c39985a6238e5898fb75c2cf0f39bce6cb
SHA256

20d31c96b15b9a0a9532daa10ccca081113377b6d36a81b8ab0428e4759d5fe1
SHA512

22792194be610a3c8a8eb7b583c41b592186c02c7b7ff4d63676393e414ba6f4f3f4f1db9e97455bb599488f42999b58f0bd6176c135dcec4b06dfd671900df1
SSDEEP

6144:CimPei5FlYXW80RYJpsnnnnnnnnnnnnnnHbo0qebT9AVPpKywR4LuMBFbvsLf8b4:pQeSFgW8+zb/qC66yPLuMbb58sYegr

Score

1^/10

Malware Config

Signatures

Files

3aac8f3aefdeebc9dc3b29b3e71d9bf5
.exe windows:4 windows x86 arch:x86

0ccb04a42006d41cfdff8c051170d68c

Code Sign

dc:1c:cc:fd:b0:a9:e3:a8:17:0c:49:c9:82:1b:ff:15:55:58:c0:84
Signer

Actual PE Digest

dc:1c:cc:fd:b0:a9:e3:a8:17:0c:49:c9:82:1b:ff:15:55:58:c0:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueW

wininet

HttpEndRequestA

kernel32

GetVersion
GetVersionExA
ExitProcess
VirtualAlloc
CreateFileA
GetModuleHandleW
LockResource
WriteFile
GetLastError
CreateFileMappingA
CloseHandle
FreeLibrary
FindResourceA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GetCommandLineA
LCMapStringA
GetStringTypeW
GetDefaultCommConfigA
GetSystemTimeAsFileTime
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
GetStartupInfoA
FlushFileBuffers
LCMapStringW
GetCommandLineW
ReadFile
lstrcmpiA
CreateThread
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
GetUserDefaultLangID
SetEndOfFile
SetFilePointer
SetStdHandle
GetStringTypeA

user32

RegisterClassW
GetDC
MessageBoxA
GetSystemMetrics
SetScrollRange
InvalidateRect
CreateWindowExA
GetWindowThreadProcessId
IntersectRect
GetCapture
GetClassInfoA
GetSystemMenu
GetWindowLongA
CreateDialogParamA
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
RemovePropA
SetMenu
CharNextA
LoadStringA
GetClientRect
DialogBoxParamA

gdi32

ExcludeClipRect
GetClipBox
CreatePenIndirect
CreatePen
GetDeviceCaps
Rectangle
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseFontA
FindTextW

advapi32

RegCreateKeyExA
GetUserNameA
RegCloseKey
RegSetValueExW

shell32

StrStrIA

ole32

CoUninitialize
CoTaskMemAlloc

oleaut32

VarRound
VarNumFromParseNum
SafeArrayPutElement
SafeArrayGetUBound
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetElement
VarDecRound

Sections

.text
Size: 408KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Cdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ccb04a42006d41cfdff8c051170d68c

Code Sign

dc:1c:cc:fd:b0:a9:e3:a8:17:0c:49:c9:82:1b:ff:15:55:58:c0:84Signer

Headers

File Characteristics

Imports

comctl32

version

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 408KB - Virtual size: 404KB

.Cdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 41KB

.tls Size: 4KB - Virtual size: 12B

.rsrc Size: 28KB - Virtual size: 27KB

dc:1c:cc:fd:b0:a9:e3:a8:17:0c:49:c9:82:1b:ff:15:55:58:c0:84
Signer

.text
Size: 408KB - Virtual size: 404KB

.Cdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 41KB

.tls
Size: 4KB - Virtual size: 12B

.rsrc
Size: 28KB - Virtual size: 27KB