3bc6ae3273e1e370138816be5ec448bd

General

Target

3bc6ae3273e1e370138816be5ec448bd
Size

18KB
MD5

3bc6ae3273e1e370138816be5ec448bd
SHA1

b38aa031added7a0c324cce54a062bce7d275a8a
SHA256

3b94f68d6514da2c6323d185bf10ef1254c1c44db1f6eb7895503af3afc1ff5a
SHA512

4418297c6e7a536cde267caf8be3d456e4658aa0722df344bf8aa13cb6d7b314b59405fcf2d461d3180bede07d0b881c5b11bad3b3d556b911691a3bcfa53aad
SSDEEP

384:ihigYI0voyWtqEe2Ad/BYEnBXOGSZr0n0eLjJG18:ihiLIk9dBYEBXFSZrFeLjJQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc6ae3273e1e370138816be5ec448bd

Files

3bc6ae3273e1e370138816be5ec448bd
.exe windows:4 windows x86 arch:x86

66b42427583ec4d4c59b3cd215d8b097

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcessModules
GetModuleFileNameExA

kernel32

GetCommandLineW
GetStartupInfoA
lstrlenA
GetProcAddress
LoadLibraryA
lstrcatA
lstrcpyA
GetFileAttributesA
SetFileTime
CloseHandle
GetFileTime
CreateFileA
Sleep
LocalFree
WideCharToMultiByte
lstrlenW
GetModuleHandleA
ExitProcess
GetLastError
GetModuleFileNameA
GetTempPathA
GetUserDefaultLangID
TerminateProcess
OpenProcess
Process32Next
DeleteFileA
MoveFileExA
Process32First
CreateToolhelp32Snapshot
SetErrorMode

user32

CreateWindowExA
DispatchMessageA
wsprintfA

shell32

CommandLineToArgvW
SHGetFolderPathA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

msvcrt

_strdup
__setusermatherr
_strcmpi
_initterm
_controlfp
__set_app_type
__p__fmode
__p__commode
__getmainargs
_except_handler3
atoi
toupper
strstr
strlen
malloc
fclose
ftell
fseek
fopen
fwrite
fputs
fread
memset
sscanf
strcpy
free
strcat
abs
strrchr
strcmp
time
_exit
_XcptFilter
exit
_acmdln
_adjust_fdiv

Sections

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66b42427583ec4d4c59b3cd215d8b097

Headers

File Characteristics

Imports

psapi

kernel32

user32

shell32

version

msvcrt

Sections

.bss Size: - Virtual size: 6KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 928B

.bss
Size: - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 928B