3c4fa86f0c1ceefbee6d7d70989cc38d

Sharing

Copy URL

Twitter E-mail

General

Target

3c4fa86f0c1ceefbee6d7d70989cc38d
Size

192KB
MD5

3c4fa86f0c1ceefbee6d7d70989cc38d
SHA1

22640c60dc8eebfe69d11c4cf7394da914b1eb64
SHA256

06e0db992ec04b84a81a85a5a14adaf1229b01f7bdf60363cc56a4ecf4a89d86
SHA512

06738286d23534530a6576cf6a4480d545b6ec9256f7ad2278c0fbef2413983ec4782b874972553697eb30003f1e993d4fb75ac5b76195961e62eba2ff0689c9
SSDEEP

3072:6Z6yn7u1v176XaEcduTjdZJ18G0QKKUFplcJbo6PWlKMswIcNZgkui:6Zr7m7oHTJB8d2WKMsjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4fa86f0c1ceefbee6d7d70989cc38d

Files

3c4fa86f0c1ceefbee6d7d70989cc38d
.exe windows:4 windows x86 arch:x86

e606d85c41bc6a09f733b69edfa52cad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA
GetFileVersionInfoA
VerQueryValueA

ole32

CoReleaseMarshalData
ReleaseStgMedium
WriteClassStm
CLSIDFromString
CoGetMalloc
OleRegGetUserType
StgOpenStorage
CLSIDFromProgID
CoUninitialize
StgCreateDocfileOnILockBytes

gdi32

GetDIBits
GetRgnBox
SetPixel
CreateCompatibleDC

kernel32

GetFullPathNameA
LockResource
SetFilePointer
IsBadReadPtr
LocalReAlloc
MulDiv
GetCommandLineW
LoadLibraryA
EnumCalendarInfoA
GetThreadLocale
LoadLibraryExA
MoveFileExA
lstrcmpiA
VirtualQuery
GetStdHandle
CreateEventA
HeapFree
GetCurrentProcessId
ExitThread
SetEvent
FreeLibrary
GetStringTypeW
GetACP
GetLastError
InitializeCriticalSection
GetModuleHandleW
RaiseException
GetCurrentProcess
GetSystemDefaultLangID
GetLocalTime
FreeResource
HeapAlloc
GlobalFindAtomA
lstrlenA
Sleep
ExitProcess
LocalFree
WideCharToMultiByte
VirtualAllocEx
SetHandleCount
GetDateFormatA
SetEndOfFile
CreateFileA
DeleteFileA
GlobalAlloc
GetModuleHandleA
VirtualAlloc
SetLastError
MoveFileA
LoadResource
GetProcAddress
SetErrorMode

Sections

CODE
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e606d85c41bc6a09f733b69edfa52cad

Headers

File Characteristics

Imports

version

ole32

gdi32

kernel32

Sections

CODE Size: 96KB - Virtual size: 94KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 2KB

.bss Size: 4KB - Virtual size: 1KB

.gdata Size: 60KB - Virtual size: 59KB

.rsrc Size: 8KB - Virtual size: 7KB

CODE
Size: 96KB - Virtual size: 94KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 2KB

.bss
Size: 4KB - Virtual size: 1KB

.gdata
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 8KB - Virtual size: 7KB