3cc629611961974efea0fee5e7921223

Sharing

Copy URL Twitter E-mail

General

Target

3cc629611961974efea0fee5e7921223
Size

457KB
MD5

3cc629611961974efea0fee5e7921223
SHA1

fba4af9d8282d938cbde69b3e93b3849d6b502da
SHA256

41e5c55e209eab428b4ce035656df19cf8c18e6274bc3baf66a61242aada7a02
SHA512

c5bb3013fb33e0a90f1169ac32554e9d2f454fa07a66404585c7ba44bba298bc7db16dd0e442b16681674155acb6ddd46d06f37449f30acd6e5ffde6dea400b7
SSDEEP

12288:K/fvaF6YjXv29YKnbXYpr8JKSnNsJOkLvDP+w6X:Kn/GfugrBSSshw6X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc629611961974efea0fee5e7921223

Files

3cc629611961974efea0fee5e7921223
.exe windows:4 windows x86 arch:x86

3bb9abe4918f523679f7718905eb214f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetAutodialHangup
SetUrlCacheEntryGroup
FindFirstUrlCacheGroup

user32

SendInput
MapDialogRect
SetForegroundWindow
CreateAcceleratorTableA
ScrollDC
GetAncestor
OpenDesktopA
CharPrevExA

comdlg32

ChooseColorW
PrintDlgA
FindTextW
ReplaceTextA
GetFileTitleA
GetFileTitleW

gdi32

Arc
GetEnhMetaFileW
SetBkMode
GetEnhMetaFilePaletteEntries
GetTextMetricsA
GetLogColorSpaceW
SetBitmapBits
CreatePolygonRgn
CreateBitmapIndirect
SetEnhMetaFileBits
GetCharacterPlacementW
RemoveFontResourceW
CreateFontIndirectA
GetEnhMetaFileA
GetKerningPairsW
EnumMetaFile
SelectClipRgn
GetPaletteEntries
GetClipRgn
GetCharacterPlacementA
SetPaletteEntries
CreateEllipticRgnIndirect
DrawEscape

kernel32

HeapCreate
SetFileAttributesW
GetTempPathW
VirtualAlloc
IsBadWritePtr
GetCommandLineW
GetModuleFileNameA
FreeEnvironmentStringsA
GetStartupInfoW
GetTimeZoneInformation
LoadLibraryA
TlsSetValue
TerminateProcess
GetACP
MultiByteToWideChar
GetCommandLineA
RtlUnwind
EnterCriticalSection
SetEnvironmentVariableA
HeapReAlloc
TlsAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
VirtualProtect
GetStringTypeA
CompareStringW
ExitProcess
CompareStringA
VirtualFree
UnhandledExceptionFilter
TlsGetValue
GetCurrentProcessId
RtlFillMemory
GetDateFormatA
VirtualQuery
GetShortPathNameA
GetUserDefaultLCID
LCMapStringA
IsValidCodePage
GetCurrentThreadId
GetSystemInfo
InitializeCriticalSection
SetHandleCount
lstrcmpiW
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
DeleteCriticalSection
InterlockedExchange
GetVersionExA
WideCharToMultiByte
LCMapStringW
GetProcAddress
EnumSystemLocalesA
FreeEnvironmentStringsW
QueryPerformanceCounter
GetStdHandle
HeapAlloc
SetLastError
WriteFile
LeaveCriticalSection
GetOEMCP
GetCurrentProcess
HeapDestroy
GetTickCount
GetCurrentThread
GetCPInfo
HeapFree
GetTimeFormatA
GetLocaleInfoA
TlsFree
GetStringTypeW
IsValidLocale
GetModuleFileNameW
GetStartupInfoA
CreateMailslotW
FileTimeToDosDateTime
GetLocaleInfoW
GetFileType
HeapSize

shell32

ExtractIconW
SHFileOperation
SheChangeDirExW
SHAppBarMessage
SHUpdateRecycleBinIcon
ShellExecuteExA
SheSetCurDrive
CheckEscapesW
ShellExecuteW
SHBrowseForFolder
SHGetSpecialFolderPathA
ShellExecuteExW
SHGetFileInfoW
ShellHookProc
ExtractAssociatedIconExW

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bb9abe4918f523679f7718905eb214f

Headers

File Characteristics

Imports

wininet

user32

comdlg32

gdi32

kernel32

shell32

Sections

.text Size: 170KB - Virtual size: 169KB

.data Size: 280KB - Virtual size: 301KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 170KB - Virtual size: 169KB

.data
Size: 280KB - Virtual size: 301KB

.rsrc
Size: 6KB - Virtual size: 5KB