Static task: static1
Behavioral task: behavioral1
Sample: 3ab49c2c5709b000312575faf4c0411a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3ab49c2c5709b000312575faf4c0411a.exe
Resource: win10v2004-20231222-en
General
Target: 3ab49c2c5709b000312575faf4c0411a
Size: 428KB
MD5: 3ab49c2c5709b000312575faf4c0411a
SHA1: 20ae04387fb31223f8a76ae18921d4d6ba4c327d
SHA256: fe134b35cd559e8a001ad2141be291ab3d83620066c321bdc1ab70105e1bd0ad
SHA512: 8d755582fb46a07b6a3aec8dfab5cd25a37a2b41a187332cffcef046b2d58c00dd679fc1793e481a7fa0327ce626da50b403f7fb67e29eeb342d7dc2c41f30d7
SSDEEP: 12288:da8fqFNaGckyhX+lBtE2gH1LNIU7HKho5ySdzV4L:ookzy5I1gHr3KS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ab49c2c5709b000312575faf4c0411a
Files
3ab49c2c5709b000312575faf4c0411a.exe windows:4 windows x86 arch:x86
fe1b8638e9bb89c81b50c1401620ee26
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
GetNamedPipeInfo
GetModuleFileNameA
HeapCreate
ExitProcess
GetSystemTimeAsFileTime
EnterCriticalSection
WideCharToMultiByte
GetCurrentProcessId
GetStdHandle
WriteFile
VirtualFree
GetPrivateProfileSectionNamesA
GetProcAddress
GetTimeZoneInformation
ReadConsoleA
LeaveCriticalSection
LoadLibraryA
VirtualProtect
WaitForSingleObjectEx
MultiByteToWideChar
GetDateFormatA
GetUserDefaultLCID
GetFileType
HeapDestroy
RtlUnwind
FreeEnvironmentStringsW
HeapSize
DeleteCriticalSection
EnumSystemLocalesA
SetCurrentDirectoryA
SetLastError
GetSystemInfo
GetStringTypeA
TlsSetValue
GetOEMCP
HeapReAlloc
GetVersionExA
FreeEnvironmentStringsA
GetLocaleInfoA
ReleaseMutex
IsBadWritePtr
InitializeCriticalSection
UnhandledExceptionFilter
TlsFree
LocalUnlock
VirtualQuery
GetSystemTimeAdjustment
LCMapStringW
LCMapStringA
GetFileAttributesW
GetCurrentProcess
GetEnvironmentStringsW
SetEnvironmentVariableA
GetTickCount
QueryPerformanceCounter
GetLocaleInfoW
GetLastError
CompareStringA
GetEnvironmentStrings
GetStringTypeW
CompareStringW
VirtualAlloc
IsValidCodePage
HeapFree
GetACP
GetStartupInfoA
HeapAlloc
TerminateProcess
IsValidLocale
GetCurrentThread
SetHandleCount
GetModuleHandleA
EnumResourceNamesA
GetTimeFormatA
GetCPInfo
TlsGetValue
InterlockedExchange
GetCommandLineA
TlsAlloc
comdlg32
PageSetupDlgW
ChooseFontA
shell32
SHGetFileInfoA
SHQueryRecycleBinW
SHGetDesktopFolder
CheckEscapesW
advapi32
CryptGetUserKey
RegQueryMultipleValuesW
CryptGetKeyParam
CryptVerifySignatureA
RegNotifyChangeKeyValue
CryptDuplicateKey
CryptGetDefaultProviderW
LookupAccountNameA
RegEnumKeyExA
CryptDecrypt
CryptSetProviderA
RegCreateKeyA
CryptSignHashW
RegQueryInfoKeyA
CryptHashData
CryptGetDefaultProviderA
RegCreateKeyExW
StartServiceW
CryptContextAddRef
RegRestoreKeyW
CryptImportKey
LookupAccountSidW
LookupPrivilegeValueA
wininet
FindNextUrlCacheEntryExW
FindNextUrlCacheEntryA
InternetWriteFileExW
GopherOpenFileA
InternetInitializeAutoProxyDll
SetUrlCacheConfigInfoA
GopherCreateLocatorW
user32
CharPrevExA
GetComboBoxInfo
SetFocus
CallMsgFilterW
SetWindowWord
PeekMessageA
DdeAccessData
GetMonitorInfoW
GetMonitorInfoA
VkKeyScanExW
MessageBoxExA
CharToOemBuffA
DdeQueryStringA
BlockInput
GetClipboardViewer
MenuItemFromPoint
UnionRect
DdeImpersonateClient
SetShellWindow
WindowFromDC
RedrawWindow
ToAsciiEx
Sections
.text Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ