3bcee5c81e47f8bd3ac58d4e498012c3

Sharing

Copy URL

Twitter E-mail

General

Target

3bcee5c81e47f8bd3ac58d4e498012c3
Size

320KB
MD5

3bcee5c81e47f8bd3ac58d4e498012c3
SHA1

d1b3f136fe521d9ef2beeba789b19f9659ebd8fe
SHA256

e90d9f41cb2ebb43b0a103d0255f1f2f7dbe5c7d646df1ff5b679bca373775fe
SHA512

8651609b13a835030efacfd639844038dd250cb893842e97b38c786c2ede5ef155a8217f32f162d6c28a33425c0d04c95d7da1ad8c04c35a84158a997b9efea8
SSDEEP

6144:LYlsYAQiHQMgEqXXX5zsXV0BsBWUxaTcv1:0lEmTXXyXOBxUxaTcv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bcee5c81e47f8bd3ac58d4e498012c3

Files

3bcee5c81e47f8bd3ac58d4e498012c3
.exe windows:4 windows x86 arch:x86

61a2a00879e2649fdec0e352cc54f5e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
GetSystemInfo
VirtualProtect
SetStdHandle
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
VirtualQuery
GetLastError
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcess
GlobalSize
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
GetExitCodeThread
Sleep
InterlockedCompareExchange
ResumeThread
WaitForSingleObject
InterlockedExchange
LoadLibraryA
GetTickCount
CloseHandle
CreateFileA
WriteFile
SetFilePointer
DeleteCriticalSection
TerminateProcess
GetModuleFileNameA
GetCurrentProcessId
QueryPerformanceCounter
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateThread
GetCurrentThreadId
ExitThread
HeapFree
RaiseException
HeapAlloc
HeapReAlloc
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
InitializeCriticalSection
SetUnhandledExceptionFilter
GetTempPathA

user32

SendMessageA
CreateWindowExA
SetTimer
UpdateWindow
ShowWindow
TrackPopupMenu
GetSubMenu
GetSystemMetrics
SystemParametersInfoA
PostMessageA
FillRect
MoveWindow
GetClientRect
EndDialog
SendDlgItemMessageA
PostQuitMessage
MessageBoxA
DefWindowProcA
InvalidateRect
DialogBoxParamA
DestroyWindow
CloseClipboard
GetClipboardData
OpenClipboard
SetCursor
BeginPaint
GetCursorPos
LoadAcceleratorsA
UnregisterClassA
KillTimer
LoadStringA
LoadCursorA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
RegisterClassExA
ScreenToClient
EndPaint

gdi32

CreateCompatibleBitmap
BitBlt
DeleteDC
CreateFontA
DeleteObject
SelectObject
SetTextColor
TextOutA
CreateCompatibleDC

shell32

DragFinish
ShellExecuteA

ws2_32

inet_addr
ntohs
WSACancelAsyncRequest
WSAAsyncGetHostByName
htons
WSACreateEvent
closesocket
recvfrom
WSAEventSelect
recv
WSAGetLastError
send
WSAEnumNetworkEvents
connect
ioctlsocket
bind
socket
setsockopt
WSASetEvent
inet_ntoa
WSACleanup
WSAStartup
ntohl
WSAAsyncSelect
listen
accept
WSASetLastError
select
sendto

iphlpapi

GetAdaptersInfo

msimg32

GradientFill

comctl32

ord17

Sections

.text
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61a2a00879e2649fdec0e352cc54f5e9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ws2_32

iphlpapi

msimg32

comctl32

Sections

.text Size: 236KB - Virtual size: 232KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 44KB - Virtual size: 53KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 236KB - Virtual size: 232KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 44KB - Virtual size: 53KB

.rsrc
Size: 4KB - Virtual size: 2KB