3be35e189596994f537178460af5f99b

Sharing

Copy URL

Twitter E-mail

General

Target

3be35e189596994f537178460af5f99b
Size

169KB
MD5

3be35e189596994f537178460af5f99b
SHA1

f1c1cfe0ecd553a721072cfcde5aeabdb3967c50
SHA256

10c5fa73bd914450f11017e5520b723fdef271d2cfc9de2ab168979ccfced59c
SHA512

7695fe0e7679f50d27d99e9eaab809ec8c1640c8d6ccd920812309c2b3048d0da7dd61b4ab388f81fabbb412213edb56b14aff40822b48d76b89f5844db9eb6a
SSDEEP

3072:kHowtWqr5jZzeIv50DBQqoDKR5bmqWlp5FXG8mzA8CKj6p8QTvEOWeA8S+J6w4eL:2d79jpbpqpjmqWlp+d88CK2CQTvEOWeU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be35e189596994f537178460af5f99b

Files

3be35e189596994f537178460af5f99b
.exe windows:5 windows x86 arch:x86

f0c2611ef82716072c0b661374e4ff87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameW

rpcrt4

NdrpCreateProxy

msvcrt

wcscmp
strcmp

kernel32

FileTimeToLocalFileTime
CreateEventA
HeapCreate
GetCommProperties
GlobalHandle
GetUserDefaultLangID
CreateSemaphoreA
CreateSemaphoreW
SearchPathA
lstrcpyA
SetNamedPipeHandleState
OpenFileMappingW
GetCPInfo
IsDBCSLeadByteEx
DeleteFileA
SetupComm
TlsSetValue
FindFirstFileW
GetTimeFormatA
FlushViewOfFile
SetUnhandledExceptionFilter
LocalUnlock
SetLastError
GetLastError
GetFileType
CreateFileW
GlobalFlags
WaitForSingleObjectEx
WaitCommEvent
ResetEvent
EnterCriticalSection
DeleteCriticalSection
DefineDosDeviceW

Exports

Exports

IsComponentOriginal

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.On59
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Zek
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Eh0887
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Nus
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Re82
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Cru
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lax503
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tup
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0c2611ef82716072c0b661374e4ff87

Headers

DLL Characteristics

File Characteristics

Imports

psapi

rpcrt4

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 133KB

.On59 Size: 1024B - Virtual size: 966B

.Zek Size: 512B - Virtual size: 4KB

.Eh0887 Size: 512B - Virtual size: 28B

.Nus Size: 512B - Virtual size: 145B

.Re82 Size: 1KB - Virtual size: 1KB

.Cru Size: 512B - Virtual size: 128B

.Lax503 Size: 512B - Virtual size: 330B

.Tup Size: 22KB - Virtual size: 21KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 133KB

.On59
Size: 1024B - Virtual size: 966B

.Zek
Size: 512B - Virtual size: 4KB

.Eh0887
Size: 512B - Virtual size: 28B

.Nus
Size: 512B - Virtual size: 145B

.Re82
Size: 1KB - Virtual size: 1KB

.Cru
Size: 512B - Virtual size: 128B

.Lax503
Size: 512B - Virtual size: 330B

.Tup
Size: 22KB - Virtual size: 21KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 5KB - Virtual size: 4KB