3c60d0a53e29c6ecbf5d380ac71c64d7

Sharing

Copy URL Twitter E-mail

General

Target

3c60d0a53e29c6ecbf5d380ac71c64d7
Size

17KB
MD5

3c60d0a53e29c6ecbf5d380ac71c64d7
SHA1

2d359f26992f7e52e441886438bd729b405e008b
SHA256

57d4d5be34268437424bc96ad2b127ba5b0518b6f7815d1e30c47c4594a9591d
SHA512

55986218b60ac2f106a54cc41a171b333aa75858502ed33b1de0726ca050f7de715000b286412b28653ee5c56cec7c718af82abd576c18ed13d68c98755205ab
SSDEEP

384:Q45JB4EUklJYDVnrIzTxlzjMvlCAC8OWi8f2a/:vxvUklonrMrzjIlCj38f3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c60d0a53e29c6ecbf5d380ac71c64d7

Files

3c60d0a53e29c6ecbf5d380ac71c64d7
.exe windows:4 windows x86 arch:x86

12088733bbcc5b5e083063c2db211156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
ReleaseSemaphore
GetStringTypeW
EnumDateFormatsExW
SetErrorMode
GetConsoleScreenBufferInfo
CreateProcessW
GetFileAttributesW
CreateDirectoryExA
CreateNamedPipeW
SetConsolePalette
CreateMailslotW
SignalObjectAndWait
SetConsoleCursor
GetNumberFormatA
GetProfileSectionA
ClearCommError
ConsoleMenuControl
CloseConsoleHandle
FindVolumeMountPointClose
GetExitCodeThread
FreeResource
GlobalGetAtomNameA
ReadProcessMemory
BuildCommDCBW
InterlockedExchangeAdd
GetVolumeInformationW
AddConsoleAliasA
FindVolumeClose
FoldStringW
MoveFileWithProgressW
UpdateResourceA
lstrlen
BindIoCompletionCallback
EnumDateFormatsA
GetEnvironmentStringsW
Process32First
GetCompressedFileSizeW
SetProcessWorkingSetSize
GetConsoleKeyboardLayoutNameW
GetFileSize
GetSystemTimeAdjustment
SetTermsrvAppInstallMode
DeleteVolumeMountPointA
IsDBCSLeadByte
RegisterConsoleVDM
FindFirstFileA

user32

GetMonitorInfoW
RedrawWindow
CreateIconFromResource
SendMessageTimeoutW
SetRectEmpty
GetClipboardSequenceNumber
SetDlgItemInt
GetNextDlgTabItem
CreateWindowExW
DrawCaptionTempA

gdi32

GdiCreateLocalMetaFilePict
EnumObjects
GetTextCharset
CreatePalette
EngMarkBandingSurface
GdiEntry8
GetEUDCTimeStamp
GdiRealizationInfo
GetCharacterPlacementW
CreateColorSpaceA

comdlg32

FindTextW
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseFontA
ReplaceTextA
GetSaveFileNameW
ChooseColorA
CommDlgExtendedError
PrintDlgA
GetFileTitleW
PrintDlgExW
GetOpenFileNameW
dwLBSubclass
PageSetupDlgA

psapi

GetDeviceDriverBaseNameW
GetMappedFileNameA
GetDeviceDriverBaseNameA
GetProcessMemoryInfo
InitializeProcessForWsWatch
EnumProcessModules
GetWsChanges
EnumDeviceDrivers
GetModuleFileNameExW
QueryWorkingSet
EmptyWorkingSet
GetModuleBaseNameA

comctl32

ImageList_DragMove
PropertySheetW
ImageList_SetImageCount
ImageList_SetFlags
ImageList_AddIcon
FlatSB_ShowScrollBar
FlatSB_SetScrollProp
ImageList_Draw
ImageList_Write
ImageList_EndDrag
PropertySheet
InitializeFlatSB
CreateStatusWindowW
FlatSB_GetScrollInfo
GetMUILanguage
CreateStatusWindow
DestroyPropertySheetPage
CreateToolbarEx
ImageList_GetImageCount
ImageList_Merge
InitCommonControlsEx
ImageList_SetDragCursorImage
DrawStatusText
FlatSB_SetScrollInfo
ImageList_GetIcon

Sections

.text
Size: 4KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12088733bbcc5b5e083063c2db211156

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 80KB

.data Size: 7KB - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 80KB

.data
Size: 7KB - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 4KB