3d0a422c845c5f45893fff660e1b7da8

Sharing

Copy URL Twitter E-mail

General

Target

3d0a422c845c5f45893fff660e1b7da8
Size

570KB
MD5

3d0a422c845c5f45893fff660e1b7da8
SHA1

02307c5a2541286ca96fc52c80c408df96918833
SHA256

df62fb4f8a317d28ddb6be4c854ea8ade3567707e2429cc0cd62dfa0c2c77b3c
SHA512

74f4e88c077a1326e80328f336c3afb15d876ff1ca9cb89cd52c85f814d9550dc18662637fffd5b62c16891670ff47b2acd34cbc79f5486774959d5e85dc8d35
SSDEEP

12288:SeIy06MSZJvJ++N0su2sP4wGHCNNysW2FhJCLF4+Jxme:SbyLvJ++N3C4wQCOh2/cLC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d0a422c845c5f45893fff660e1b7da8

Files

3d0a422c845c5f45893fff660e1b7da8
.exe windows:4 windows x86 arch:x86

b4bc7b7b6ec6afaab78994ffc0cb955e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
TlsAlloc
RtlUnwind
GetModuleFileNameA
GetConsoleOutputCP
FindFirstFileA
TlsFree
SetStdHandle
CloseHandle
ReadFile
InterlockedExchange
FlushFileBuffers
LoadLibraryA
DeleteCriticalSection
GetDateFormatA
Sleep
SetFilePointer
WideCharToMultiByte
GetCurrentProcess
GetLocaleInfoA
HeapFree
InterlockedDecrement
VirtualAlloc
GetTickCount
UnmapViewOfFile
MultiByteToWideChar
HeapCreate
GetCurrentProcessId
CompareStringA
TerminateProcess
HeapSize
GetTimeZoneInformation
SleepEx
IsValidLocale
SetLastError
GetCPInfo
GetModuleHandleA
GetCurrentThreadId
ExitProcess
DebugBreak
CreateMutexA
WriteFile
HeapReAlloc
VirtualQuery
HeapDestroy
GetOEMCP
GetModuleFileNameW
UnhandledExceptionFilter
CreateFileA
CompareStringW
FreeEnvironmentStringsW
GetACP
VirtualFree
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetFileType
EnterCriticalSection
GetConsoleMode
IsValidCodePage
QueryPerformanceCounter
LeaveCriticalSection
LCMapStringW
GetLocaleInfoW
GetStartupInfoW
InterlockedIncrement
GetStringTypeA
EnumSystemLocalesA
GetEnvironmentStringsW
TlsGetValue
GetStartupInfoA
GetCurrentThread
GetUserDefaultLCID
FreeLibrary
HeapAlloc
SetUnhandledExceptionFilter
GetTimeFormatA
LCMapStringA
WriteConsoleW
TlsSetValue
GetCommandLineW
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
OpenMutexA
IsDebuggerPresent
GetStringTypeW
GetLastError
GetCommandLineA
GetProcAddress
WriteConsoleA
GetConsoleCP
GetModuleHandleW
SetHandleCount

advapi32

CryptGetProvParam
GetUserNameA
CryptGenKey
LookupPrivilegeDisplayNameW
LookupAccountNameW
RegOpenKeyExW
CryptGetUserKey
RegQueryValueW
RegQueryValueExW

comctl32

InitCommonControlsEx

user32

LoadMenuW
RegisterClassExA
RegisterClassA
IsCharAlphaNumericA

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4bc7b7b6ec6afaab78994ffc0cb955e

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 232KB - Virtual size: 232KB

.rdata Size: 9KB - Virtual size: 29KB

.data Size: 317KB - Virtual size: 317KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 232KB - Virtual size: 232KB

.rdata
Size: 9KB - Virtual size: 29KB

.data
Size: 317KB - Virtual size: 317KB

.rsrc
Size: 9KB - Virtual size: 9KB