3b6c3f7a38106f6d3bf5b39c8ca1fa31

Sharing

Copy URL Twitter E-mail

General

Target

3b6c3f7a38106f6d3bf5b39c8ca1fa31
Size

326KB
MD5

3b6c3f7a38106f6d3bf5b39c8ca1fa31
SHA1

0d8d389ee2646d99060205a9b85897ef25942c75
SHA256

4c7d772c6191a19d1cd6cebe84ac84c84c53ec8e90d01e4e3267cb388973788d
SHA512

ad0a6db27eaba4d742015da3bee476e8981b315c0143b3b38a2edf77fafbbe31bdfe9c09ab9d55b3f83706f956ffe7e9686dcc7df53891ea8a147198842579ef
SSDEEP

6144:4C3FMMnMMMMMafRSY3qzZO+S0wXJ5rCxNbiTVOIV7S/Mw1KDKr:N1MMnMMMMMExul5wXH+x9Uv8/Mw1GK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6c3f7a38106f6d3bf5b39c8ca1fa31

Files

3b6c3f7a38106f6d3bf5b39c8ca1fa31
.exe windows:4 windows x86 arch:x86

7ea35ac7831f4bf6c95d8cac0bebe2f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallMsgFilterW

mswsock

sethostname

msi

MsiConfigureFeatureW
MsiAdvertiseProductA
MsiConfigureFeatureA

ddraw

DirectDrawEnumerateA

samlib

SamRemoveMultipleMembersFromAlias
SamTestPrivateFunctionsUser
SamiEncryptPasswords
SamConnectWithCreds

kernel32

UnlockFile
GetSystemDirectoryA
GetCommandLineA
lstrcmpiW
ResetEvent
HeapFree
FormatMessageW
GetTickCount
_llseek
CreateProcessW
GetCurrentProcess
GetShortPathNameA
FreeEnvironmentStringsW
RtlUnwind
FlushFileBuffers
FreeLibrary
GetStdHandle
FormatMessageA
SetFileTime
MultiByteToWideChar
GetOEMCP
GetSystemTime
GetVersion
GetCurrentThreadId
LoadLibraryExA
GetLocalTime
SizeofResource
UnhandledExceptionFilter
SetFilePointer
GetModuleFileNameW
GetModuleFileNameA
Sleep
GlobalHandle
GetVersionExA
ExitProcess
LCMapStringW
LoadLibraryA
InitializeCriticalSection
GetStringTypeA
SearchPathA
VirtualQuery
GetTempPathA
GetFileAttributesA
InterlockedIncrement
HeapDestroy
FileTimeToLocalFileTime
GetDriveTypeA
FindResourceA
GetSystemDefaultLCID
DuplicateHandle
GetUserDefaultLCID
GetTimeZoneInformation
lstrcpynA
GetSystemDefaultLangID
GetFileType
DeleteFileA
GetACP
MoveFileA
HeapAlloc
LeaveCriticalSection
VirtualFree
FileTimeToSystemTime
_lread
FlushInstructionCache
WaitForSingleObject
CompareStringA
HeapCreate
CloseHandle
WinExec
TerminateProcess
FindClose
SetEvent
GlobalDeleteAtom
HeapReAlloc
IsBadCodePtr
SystemTimeToFileTime
CreateThread
CreateEventA
GetLocaleInfoA
GlobalFree
VirtualAlloc
GlobalSize
FindFirstFileA
SetEnvironmentVariableA
SetCurrentDirectoryA
GlobalAddAtomA
EnterCriticalSection
ReleaseSemaphore
GetSystemInfo
MulDiv
GetModuleHandleA
GetStringTypeExA
RaiseException
GlobalLock
InterlockedDecrement
FindNextFileA
SetLocalTime
GetProcAddress
lstrcatA
CreateProcessA
TlsGetValue
GetEnvironmentStrings
IsBadReadPtr
SetErrorMode
GetEnvironmentStringsW
GlobalAlloc
CreateSemaphoreA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ea35ac7831f4bf6c95d8cac0bebe2f0

Headers

DLL Characteristics

File Characteristics

Imports

user32

mswsock

msi

ddraw

samlib

kernel32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 308KB - Virtual size: 307KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 696KB

.reloc Size: 512B - Virtual size: 72B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 308KB - Virtual size: 307KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 696KB

.reloc
Size: 512B - Virtual size: 72B