3d0556ed9ea4d1ac4d09a11acf1e6e2d

General

Target

3d0556ed9ea4d1ac4d09a11acf1e6e2d
Size

108KB
MD5

3d0556ed9ea4d1ac4d09a11acf1e6e2d
SHA1

061ce01ee16cc80eebc49df6369d1de187359acd
SHA256

13b41ee16628b3e26326b7cf7ec1ad46cf1a07e3dc8fb43377fb30f8b9f68bef
SHA512

0ae2d6808d3676f2423a0fc3d6595e016eed5d9bcbe94b41e5cd47011e0dae346bf583bf2b161b8b81eebef2cd83dce4d5848cfe4948a151d3d952b6ee7ac853
SSDEEP

1536:7LWbDesQGVGjKmW9rgSdyRh5Ou/tBRmJXwapBxNSLQztgXA2hqcX0XDQC:vGzQYGjKmW9m/tBUXTZN1zn3TQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d0556ed9ea4d1ac4d09a11acf1e6e2d

Files

3d0556ed9ea4d1ac4d09a11acf1e6e2d
.exe windows:4 windows x86 arch:x86

4cd3fc3ddca0294820191c597817f17c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strlen
__set_app_type
_onexit
_initterm
getenv
strcmp
abort
fclose
calloc
_XcptFilter
fputs
__p__commode
free
__setusermatherr
exit
__p__fmode
_except_handler3
_exit
strcpy
_adjust_fdiv
printf
_acmdln
__getmainargs

kernel32

GetModuleHandleW
OpenProcess
GetCPInfo
FileTimeToLocalFileTime
GetFullPathNameA
GetLastError
VirtualProtectEx
GetLocaleInfoA
LoadLibraryExW
QueryPerformanceCounter
GetCurrentProcessId
GetCommandLineW
GetProcAddress

ole32

CoTaskMemFree
OleSetMenuDescriptor
OleIsCurrentClipboard
CoInitialize

shell32

SHGetDesktopFolder
DragQueryFileA
ExtractIconW
ShellExecuteA
SHGetFileInfoA
SHChangeNotify
ExtractIconA

gdi32

GetDeviceCaps
GetMapMode

comctl32

ImageList_Create
ImageList_Draw
PropertySheetA
CreatePropertySheetPageW
ImageList_DrawEx

user32

OpenClipboard
MessageBeep
GetWindowTextA
InvalidateRect
WaitMessage

advapi32

CloseServiceHandle
RegOpenKeyExA
LookupPrivilegeValueA

oleaut32

GetActiveObject
SysStringLen
GetErrorInfo
SafeArrayPtrOfIndex
SafeArrayCreate
SetErrorInfo

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cd3fc3ddca0294820191c597817f17c

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

shell32

gdi32

comctl32

user32

advapi32

oleaut32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 40KB - Virtual size: 64KB

.rsrc Size: 62KB - Virtual size: 61KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 40KB - Virtual size: 64KB

.rsrc
Size: 62KB - Virtual size: 61KB