3aecf209cdcc6f958d266aeaef6b20ef

Sharing

Copy URL Twitter E-mail

General

Target

3aecf209cdcc6f958d266aeaef6b20ef
Size

52KB
MD5

3aecf209cdcc6f958d266aeaef6b20ef
SHA1

bf82eb433b75ccb953d87b4ca6321731b873bf6c
SHA256

7371f87b1f318c4efdd7341d472ba982c7b2626e7a89ae1691da7415a4d2d6eb
SHA512

383a117e09d0e53279f1dc2a5fc5bf77f21678fbf1eb2557fe554a39f6d30d51f043ce683086a78bbfbc77ef0137b261a038caf4ba233b03d6253d0097912e0f
SSDEEP

768:ckDAcC6ZB5dkwMZD9wPSsSObTwztsdL9rwiWqWG4S6akvNZH1rNKLyMwqqxXA:cCC6ZuwMVApT4irHqdaYVNKLtNuw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aecf209cdcc6f958d266aeaef6b20ef

Files

3aecf209cdcc6f958d266aeaef6b20ef
.exe windows:4 windows x86 arch:x86

c90137e570daa554f7e9e0dcf0bd5ff8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__setusermatherr
__set_app_type
__p__fmode
_adjust_fdiv
__p__acmdln
_initterm
__getmainargs
_mbschr
_XcptFilter
_exit
fopen
realloc
_mbscmp
fclose
fseek
fread
malloc
_except_handler3
memcpy
memset
remove
strtoul
_strdup
strtok
printf
free
_strlwr
_itoa
strcmp
_controlfp
strstr
exit
strcpy
strlen
strcat
??3@YAXPAX@Z
sprintf
??2@YAPAXI@Z

kernel32

DeleteFileA
GetVersionExA
GetLocalTime
SetFileAttributesA
GetStartupInfoA
UnmapViewOfFile
FreeLibrary
CloseHandle
VirtualAlloc
ExitProcess
lstrcmpA
GetPrivateProfileStringA
VirtualFree
MultiByteToWideChar
GetModuleFileNameA
WritePrivateProfileStringA
CopyFileA
WinExec
GetWindowsDirectoryA
lstrcpyA
lstrlenA
GlobalAlloc
OpenProcess
TerminateProcess
Sleep
LoadResource
LockResource
FindResourceA
GetCommandLineA
GetModuleHandleA
GlobalUnlock

user32

GetClientRect
BeginPaint
DefWindowProcA
DrawTextA
EndPaint
CheckDlgButton
EndDialog
CreateDialogParamA
SendMessageA
GetDlgItemTextA
GetWindowThreadProcessId
LoadMenuA
MessageBoxA
SetWindowTextA
CreateWindowExA
PostQuitMessage
SetDlgItemTextA
GetWindow
GetWindowTextA
SetTimer
wsprintfA
SetFocus
EnableMenuItem
GetSystemMenu
SetMenu
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DialogBoxParamA
DestroyWindow
LoadIconA
LoadCursorA
ShowWindow
GetDlgItem
PostMessageA
KillTimer
DispatchMessageA

advapi32

RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegEnumValueA
RegCloseKey

ole32

CoInitialize
CoCreateInstance

rasapi32

RasDeleteEntryA
RasSetEntryPropertiesA
RasSetEntryDialParamsA
RasDialA
RasHangUpA
RasEnumConnectionsA
RasEnumDevicesA
RasGetErrorStringA

wininet

InternetAttemptConnect
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA

wsock32

closesocket
htons
ioctlsocket
sendto
gethostbyname
WSACleanup
socket
WSAStartup
gethostname

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c90137e570daa554f7e9e0dcf0bd5ff8

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ole32

rasapi32

wininet

wsock32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 20KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 32KB - Virtual size: 88KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 20KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 32KB - Virtual size: 88KB