3b77749436e8591f6a577295367b92a7

Sharing

Copy URL Twitter E-mail

General

Target

3b77749436e8591f6a577295367b92a7
Size

92KB
MD5

3b77749436e8591f6a577295367b92a7
SHA1

afbcfa0efcf432b6b5b4494cd6c4f71cb57944b6
SHA256

d6f905ec593fb2bbb2153aac4dc4d89572b8db9eebb86bc377c03cac216bd3ee
SHA512

e2cf3f66c04e7056c999099537159f4ca928954062f25bb3e53e059c4e1759159b365330fa646a0fa17b377cf5ebefab48d7934b650f33a1987e33c0de12f1e5
SSDEEP

768:4peXSM2HZKn40FNFWdjTKh6uY1UqyEBlMTUkzninc5ej6t7AC02/nNlca78:4QXSM25KYFKPYZrMTSFgAxKlca78

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b77749436e8591f6a577295367b92a7

Files

3b77749436e8591f6a577295367b92a7
.exe windows:4 windows x86 arch:x86

a5dd9c68535dcda40d317095d55935a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadLibraryA
FreeLibrary
OpenEventA
SetEvent
OpenMutexA
CloseHandle
GetVolumeInformationA
Sleep
FlushFileBuffers
LCMapStringW
FindClose
FindFirstFileA
CreateDirectoryA
WriteFile
SetFilePointer
CreateFileA
GetProcAddress
GetExitCodeProcess
WaitForMultipleObjects
CreateProcessA
DeleteFileA
GetTempPathA
GetModuleFileNameA
GetModuleHandleA
ReleaseMutex
CreateMutexA
SetLastError
WaitForSingleObject
DeviceIoControl
GetVersionExA
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
HeapAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
HeapSize
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
LCMapStringA

advapi32

RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA

wininet

InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState

ws2_32

inet_addr

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5dd9c68535dcda40d317095d55935a0

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

ws2_32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 20KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 20KB