Static task: static1
Behavioral task: behavioral1
Sample: 3beb1f2e2f1dbe196a6ab3f054e158b9.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3beb1f2e2f1dbe196a6ab3f054e158b9.exe
Resource: win10v2004-20231215-en
General
Target: 3beb1f2e2f1dbe196a6ab3f054e158b9
Size: 248KB
MD5: 3beb1f2e2f1dbe196a6ab3f054e158b9
SHA1: 312e0147553f918c96a9abd7c48b101fa8f4ecda
SHA256: bdb86a07701126fb3727de1513b856384839e61944c5a19ec75fb40b360e9161
SHA512: a4f58e8b45042818d29d4a022a421c44ce051b0bf692ea6bad88bfbdea880296d14036794bb095321b186322abae6f5bb5253259c41272e5e7a97d7d87d17182
SSDEEP: 6144:FJK26RRbmjYvVK3l73ar2ZoRLrwseo1T7CiiNlmrvzczRPDkm:vK26RRbmjYvU3lzaXrJ7T+iiT27c1PX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3beb1f2e2f1dbe196a6ab3f054e158b9
Files
3beb1f2e2f1dbe196a6ab3f054e158b9.exe windows:4 windows x86 arch:x86
3149862672fc98fe61a0f92bb8f50564
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
WaitForSingleObject
GetProcAddress
LoadLibraryA
GetTickCount
GetSystemDefaultLangID
SetThreadPriority
GetCurrentThread
GetCurrentProcess
FreeLibrary
GetSystemDirectoryA
GetWindowsDirectoryA
MoveFileA
SetFileAttributesA
DeleteFileA
GetTempFileNameA
GetTempPathA
ExitProcess
GetFileAttributesA
GetFullPathNameA
GetCommandLineA
FindClose
FindNextFileA
FindFirstFileA
GetVersionExA
TerminateProcess
Sleep
CreateFileA
lstrcatA
SetPriorityClass
QueryPerformanceFrequency
QueryPerformanceCounter
GetExitCodeProcess
OutputDebugStringA
SetComputerNameA
MulDiv
lstrcmpA
GetSystemTimeAsFileTime
CreateThread
UnlockFile
FileTimeToSystemTime
FileTimeToLocalFileTime
ReadFile
SetFilePointer
HeapAlloc
GetProcessHeap
HeapFree
GlobalMemoryStatus
ReleaseMutex
GetVolumeInformationA
GetLogicalDrives
CreateProcessA
GetCurrentProcessId
CreateMutexA
GetLastError
OpenProcess
WriteProcessMemory
GetModuleHandleA
CloseHandle
lstrlenA
LocalAlloc
lstrcpynA
GetComputerNameA
lstrcpyA
MultiByteToWideChar
WideCharToMultiByte
lstrcmpiA
LeaveCriticalSection
GetTimeZoneInformation
FreeResource
FreeEnvironmentStringsA
WriteFile
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
GetStdHandle
LocalFree
GetFileType
SetHandleCount
TlsGetValue
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
GetOEMCP
GetACP
FlushFileBuffers
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FormatMessageA
LoadLibraryExA
GetLocalTime
CopyFileA
GetStartupInfoA
SizeofResource
LockResource
LoadResource
FindResourceA
SetLastError
GlobalAlloc
GlobalFree
RtlUnwind
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetSystemTime
HeapReAlloc
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InterlockedDecrement
TlsSetValue
VirtualAlloc
IsBadWritePtr
GetCurrentThreadId
InterlockedIncrement
TlsAlloc
user32
ExitWindowsEx
wsprintfA
RegisterClassA
DefWindowProcA
SetDlgItemTextA
SetTimer
MoveWindow
GetDlgItem
SendMessageA
EndDialog
DialogBoxParamA
advapi32
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegConnectRegistryA
RegCloseKey
RegSetValueExA
RegOpenKeyA
RegEnumKeyExA
RegCreateKeyA
RegEnumKeyA
RegDeleteValueA
GetUserNameA
RegQueryInfoKeyA
RegEnumValueA
RegRestoreKeyA
RegSaveKeyA
wsock32
inet_addr
send
WSAGetLastError
recv
inet_ntoa
connect
select
ioctlsocket
socket
htons
closesocket
getsockname
gethostname
gethostbyname
WSAStartup
WSACleanup
setsockopt
Sections
.text Size: 188KB - Virtual size: 185KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ