3af29afd11b0d99f5c66ed86e371f1cd

Sharing

Copy URL Twitter E-mail

General

Target

3af29afd11b0d99f5c66ed86e371f1cd
Size

180KB
MD5

3af29afd11b0d99f5c66ed86e371f1cd
SHA1

d26e5520c5b98076b24b43368d3646b953c639d1
SHA256

cb7c40d453c11392af4babfbc71e62b37a7791902e331411a8a67f69f5ed3626
SHA512

f97e73c5a877f678f5fef9a137541738f674965aba145424ef574dd716080f469530ba7962310e37c6e67d0c495a6a638445afa9fcbb5535e4426884adf7b809
SSDEEP

3072:tUcx9E+BFqk6JX+1PGBLbnSsA896boVW0Nx2IIeLwHd1CkxxB1a:acx9E+Fqk6WPGdBQk80Nv3cux

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af29afd11b0d99f5c66ed86e371f1cd

Files

3af29afd11b0d99f5c66ed86e371f1cd
.exe windows:4 windows x86 arch:x86

ca2a7ba1e05628a65fc991340c698ebb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

msimg32

AlphaBlend
TransparentBlt

user32

GetDC
GetDlgItemTextA
IsWindow
SetWindowLongA
GetDlgItem
UnregisterClassA
SetDlgItemTextA
IsDialogMessageA
IsDlgButtonChecked
DestroyWindow
ReleaseDC
WinHelpA
MoveWindow
EnableWindow
CheckDlgButton
SendMessageA
ShowWindow
GetDialogBaseUnits
CreateDialogParamA
CharNextA

kernel32

GetProcAddress
FreeLibrary
VirtualQuery
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
SetHandleInformation
GetStartupInfoA
lstrcatA
GetVersionExA
UnhandledExceptionFilter
lstrcpyA
IsBadCodePtr
VirtualProtect
GetModuleFileNameA
LeaveCriticalSection
TerminateProcess
CloseHandle
DeleteCriticalSection
TransmitCommChar
GetACP
SetFilePointer
TlsFree
FindResourceA
InterlockedIncrement
GetStringTypeW
RtlUnwind
GetCommandLineA
RaiseException
GetEnvironmentStrings
GetProcessHeap
FlushFileBuffers
VirtualAlloc
HeapCreate
LockResource
lstrcpynA
InitializeCriticalSection
TlsGetValue
TlsAlloc
DisableThreadLibraryCalls
InterlockedExchange
lstrlenA
FlushInstructionCache
FreeEnvironmentStringsA
GetLastError
EnumResourceNamesW
SetHandleCount
VirtualFree
InterlockedDecrement
GetFileType
HeapDestroy
TlsSetValue
GetTickCount
QueryPerformanceCounter
LCMapStringA
WriteFile
GetStringTypeA
EnterCriticalSection
GetThreadLocale
GetCurrentProcess
FreeEnvironmentStringsW
SizeofResource
GetSystemTimeAsFileTime
LoadResource
IsBadWritePtr
GetCurrentThreadId
ExitProcess
HeapAlloc
SetUnhandledExceptionFilter
lstrlenW
lstrcmpiA
SetStdHandle
GetCurrentProcessId
IsDBCSLeadByte
LCMapStringW
MultiByteToWideChar
GetStdHandle
GetSystemInfo
SetLastError
HeapReAlloc
MulDiv
LoadLibraryExA
WideCharToMultiByte
GetModuleHandleA
HeapSize
ExitProcess
LoadLibraryA
GetLocaleInfoA
IsBadReadPtr
HeapFree

shlwapi

PathFindExtensionA

advapi32

RegCloseKey
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA

gdi32

SelectObject
GetTextExtentPointA
DeleteObject
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca2a7ba1e05628a65fc991340c698ebb

Headers

File Characteristics

Imports

ole32

msimg32

user32

kernel32

shlwapi

advapi32

gdi32

Sections

.text Size: 131KB - Virtual size: 130KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 44KB - Virtual size: 43KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 131KB - Virtual size: 130KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 44KB - Virtual size: 43KB

.crt
Size: 512B - Virtual size: 216KB