3c432d1d6970f7d30a982ebb9debbe8c

Sharing

Copy URL

Twitter E-mail

General

Target

3c432d1d6970f7d30a982ebb9debbe8c
Size

604KB
MD5

3c432d1d6970f7d30a982ebb9debbe8c
SHA1

f99ec9a77a8fd13fbc3b65ac7e5e72b3c40a02ff
SHA256

db0518f99ed2dea6418de9c1d436a010fd05ad0b1bb37223757cdb8d815d9bdd
SHA512

426fc982636b68b6a80fc3632da3c548c2c98742acc3b992bfd7fa35c7e8d3f781bebaaf6091c53349cf9f1b35cf8334211d7590d8b22ca0cbad3121c176ee1b
SSDEEP

12288:ttGZAB1DUZw9Kr8MU6KQs5i1+c3n83v/8SbBw:jEYUZw9KrQ6KW153nW/8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c432d1d6970f7d30a982ebb9debbe8c

Files

3c432d1d6970f7d30a982ebb9debbe8c
.exe windows:4 windows x86 arch:x86

d94a9074301c6194ee4d91b19cc94cd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
EnumTimeFormatsW
GetTimeZoneInformation
GetLastError
FreeEnvironmentStringsA
WriteFile
GetCurrentThreadId
SetStdHandle
HeapSize
FreeEnvironmentStringsW
EnumSystemLocalesA
HeapAlloc
GetDateFormatA
InterlockedExchange
GetCurrentProcessId
GetCalendarInfoW
HeapFree
WritePrivateProfileSectionW
GetVersionExA
GetTimeFormatA
GetFileSize
EnumTimeFormatsA
GetProcAddress
GetEnvironmentStrings
TerminateProcess
IsValidLocale
CreateMutexA
GetSystemInfo
HeapDestroy
RtlUnwind
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetWindowsDirectoryA
GetStringTypeW
GetModuleFileNameA
LoadLibraryA
IsBadWritePtr
GetStartupInfoW
VirtualProtectEx
SetLastError
GetPriorityClass
CompareStringA
ExitProcess
HeapReAlloc
FlushFileBuffers
GetStringTypeA
VirtualProtect
UnhandledExceptionFilter
VirtualAlloc
GetCurrentThread
GetStartupInfoA
GetCommandLineA
SetFilePointer
QueryPerformanceCounter
HeapLock
CompareStringW
GetModuleHandleA
GetFileType
GetPrivateProfileIntW
TlsSetValue
GetStdHandle
GetCurrentProcess
ReadFile
GetUserDefaultLCID
IsValidCodePage
DeleteCriticalSection
WideCharToMultiByte
GetCPInfo
VirtualQuery
TlsFree
GetLocaleInfoW
LeaveCriticalSection
SetHandleCount
GetACP
GetTickCount
GetModuleFileNameW
LCMapStringW
InitializeCriticalSection
CloseHandle
GetSystemTimeAsFileTime
VirtualFree
GetLocaleInfoA
GetEnvironmentStringsW
EnterCriticalSection
TlsGetValue
HeapCreate
OpenMutexA
SetEnvironmentVariableA
GetFileAttributesExW
GetCommandLineW
GetLongPathNameA

comctl32

ImageList_BeginDrag
ImageList_GetImageRect
ImageList_DragEnter
InitCommonControlsEx
ImageList_Destroy
ImageList_GetImageCount
ImageList_GetIcon
DrawStatusTextW
ImageList_SetBkColor
ImageList_DragLeave
ImageList_LoadImageA

user32

GetKeyboardState
MessageBoxW
EnumChildWindows
DefWindowProcW
FillRect
DdeKeepStringHandle
OpenWindowStationW
InsertMenuItemA
SendIMEMessageExA
IsCharAlphaNumericW
ShowWindow
SetScrollRange
RegisterClassA
AnimateWindow
OemToCharW
EnumPropsW
SetDoubleClickTime
DdeConnect
CharNextA
SetMenuItemInfoW
DlgDirSelectComboBoxExW
CreateWindowExA
CreateCaret
VkKeyScanExW
GetCursorInfo
RegisterClassExA
DefMDIChildProcA
MenuItemFromPoint
SetKeyboardState
DdeCmpStringHandles
EnumDesktopsA
SetCapture
CheckMenuRadioItem
SetWindowLongA
DestroyAcceleratorTable
CreateDesktopA
DestroyWindow
DefDlgProcW
InvalidateRect
GetKeyNameTextW
DrawStateA
CopyAcceleratorTableW
OpenClipboard
GetParent
CharLowerBuffA
MessageBoxExW
ClipCursor
CreateWindowExW
GetAsyncKeyState
GetPropW
PostThreadMessageW
wsprintfA
AppendMenuW
TranslateAcceleratorA
TileChildWindows
DdeQueryNextServer
IsWindowVisible
CheckRadioButton
AppendMenuA
IsCharAlphaW
SendMessageW
CreateCursor
LoadCursorA
CharUpperBuffA
GrayStringW
IsDlgButtonChecked
DestroyIcon
SwitchDesktop
EnumPropsExW

wininet

FtpRenameFileA
CommitUrlCacheEntryW

shell32

SHGetPathFromIDListW

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d94a9074301c6194ee4d91b19cc94cd0

Headers

File Characteristics

Imports

kernel32

comctl32

user32

wininet

shell32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 108KB - Virtual size: 123KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 108KB - Virtual size: 123KB

.rsrc
Size: 68KB - Virtual size: 66KB