3dee06577199c263f2ada9b6048fb75b

Sharing

Copy URL Twitter E-mail

General

Target

3dee06577199c263f2ada9b6048fb75b
Size

344KB
MD5

3dee06577199c263f2ada9b6048fb75b
SHA1

b4acc8b13d54141c717d62eb792a9211f7a746c1
SHA256

dbf50f5f748281517cb62b84f8b7e1885f01546c702a2685d2a4df5368790324
SHA512

8f1e2245a60106eaf8eaa14e63f0478031c2d7f5ac751ba20fcd3380110f5116741d17140b36ce0ae759ab50962ac83b00d9f497d8d4e3aadf5c1f5d9b469154
SSDEEP

6144:ZaxvbpAUJZZ20mM4Z71j01NSSn//eAeD7AiE2ODc1XUbP:Z3WZ2jMY1QLSqeAG7G2ODGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dee06577199c263f2ada9b6048fb75b

Files

3dee06577199c263f2ada9b6048fb75b
.exe windows:4 windows x86 arch:x86

844d1bdfbf7035a8c1ff22109c5460a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
CompareStringW
BackupRead
ExitProcess
GetTimeFormatW
EnumResourceNamesA
DosDateTimeToFileTime
GlobalReAlloc
GetFileAttributesExA
GlobalFindAtomA
MoveFileA
CompareFileTime
LeaveCriticalSection
LocalAlloc
SetCurrentDirectoryA
CreateConsoleScreenBuffer
GlobalHandle
OpenFile
SetLastError
WriteProcessMemory
SetConsoleWindowInfo
FindAtomA
GetThreadLocale
SetCommBreak
TerminateThread
CancelWaitableTimer
WaitForSingleObject
GetSystemDefaultLangID
RaiseException
WaitForMultipleObjects
FoldStringW
FindFirstChangeNotificationA
FindResourceExW
VirtualUnlock
GetProcAddress
WaitForSingleObjectEx
GetProfileStringA
GetEnvironmentStrings
DuplicateHandle
GlobalFindAtomW
lstrcatA
WriteConsoleOutputCharacterA
VirtualProtect
GetModuleHandleA
InterlockedDecrement
MulDiv
AllocConsole
QueueUserAPC
SetConsoleTitleA
OpenFileMappingW
GlobalMemoryStatus
LoadLibraryExA
IsBadWritePtr
LoadLibraryW
GetLocaleInfoA
CreateDirectoryW
FindNextFileA
GetConsoleTitleW
DeleteCriticalSection
GetDiskFreeSpaceExW
SearchPathW
GetVersionExA
FreeLibraryAndExitThread
DisconnectNamedPipe
UnmapViewOfFile
IsDBCSLeadByteEx
GetLargestConsoleWindowSize
ExpandEnvironmentStringsA
OpenEventW
IsBadStringPtrW
GetLongPathNameW
GetStartupInfoA

user32

RemoveMenu
GetGuiResources
keybd_event
LoadStringA
IsCharLowerW
RegisterClassExA
ReleaseCapture
OpenInputDesktop
GetClipboardOwner
EnumDisplaySettingsExA
MonitorFromWindow

gdi32

PathToRegion
SetBitmapDimensionEx
CreateRectRgnIndirect
SetStretchBltMode
SetPixel
SetDIBitsToDevice
MaskBlt
GetTextMetricsA

comdlg32

PageSetupDlgW
ChooseColorW

advapi32

GetCurrentHwProfileW
DestroyPrivateObjectSecurity
AccessCheckAndAuditAlarmW
CryptEncrypt
CryptImportKey
AdjustTokenPrivileges
AllocateLocallyUniqueId
RegSetKeySecurity
GetUserNameA
ChangeServiceConfigA
BuildSecurityDescriptorW
EnumServicesStatusW
LogonUserW
GetSidSubAuthorityCount
RegEnumKeyW
OpenThreadToken
StartServiceA

shell32

DuplicateIcon

ole32

CoDisconnectObject
StgOpenStorageEx
CoRegisterClassObject
CoInitializeSecurity
OleQueryLinkFromData
CoGetClassObject
CoGetObject
CoFileTimeNow
OleRun

oleaut32

RegisterTypeLi
SafeArrayCreate
SafeArrayUnaccessData
VariantChangeTypeEx
SysStringLen
GetActiveObject
SafeArrayPtrOfIndex

shlwapi

wnsprintfA
PathCombineW
PathRemoveBackslashA
PathCanonicalizeA
PathGetDriveNumberW
SHQueryValueExW
SHDeleteKeyA
SHAutoComplete
PathIsRelativeW
PathAddBackslashA
UrlCombineW
PathRemoveBlanksA
SHDeleteKeyW

setupapi

SetupDiEnumDriverInfoA
SetupDiDestroyDriverInfoList
SetupGetBinaryField
SetupFindFirstLineA
SetupScanFileQueueW
SetupGetLineTextA
SetupIterateCabinetA
SetupDiGetDeviceInstanceIdA
SetupScanFileQueueA
SetupInstallServicesFromInfSectionA
SetupPromptReboot
SetupGetStringFieldW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
exit
_exit

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

844d1bdfbf7035a8c1ff22109c5460a7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

msvcrt

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 27KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 27KB