3daaf045ed5327afd91f33c76f7ddbd4

Sharing

Copy URL Twitter E-mail

General

Target

3daaf045ed5327afd91f33c76f7ddbd4
Size

178KB
MD5

3daaf045ed5327afd91f33c76f7ddbd4
SHA1

87499173fe9be3813d0757a1900b686c52f25532
SHA256

cab9dc7a54c1c596e581334bd503bd6fc78b441917cedbe867760d936c4bddf5
SHA512

a2d2070cd52c420773dc0832d7dc14e398396d891827487695467cfdab63867587cb976c19f5dccc7438173b4a0daaae5afca590bb3db1a65654149f2369ac0a
SSDEEP

3072:Z0MCtWQy7MlygjDEi9IsyFKB5Uj4KORtdo8TQ9SCWMYWvfFhPMWAebVq:Z0MVQy70hn/9IfKTUj78HCWMxfPP/Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3daaf045ed5327afd91f33c76f7ddbd4

Files

3daaf045ed5327afd91f33c76f7ddbd4
.exe windows:4 windows x86 arch:x86

5f465a64877c946457a8a32d7c1f420c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CopyFileA
CreateDirectoryA
CreateEventW
CreateProcessW
DeleteFileA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeLibrary
GetACP
GetCommandLineA
GetDriveTypeA
GetEnvironmentStringsW
GetExitCodeThread
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetPrivateProfileStringA
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetTempPathW
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
HeapReAlloc
HeapSize
InitializeCriticalSection
IsDBCSLeadByte
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadResource
LockResource
MapViewOfFile
MoveFileA
MultiByteToWideChar
OpenProcess
OutputDebugStringA
ResetEvent
RtlUnwind
SetErrorMode
SetEvent
SetFileAttributesA
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
VirtualAlloc
VirtualProtect
VirtualQuery
WriteConsoleA
WritePrivateProfileStringA
lstrcatA
lstrcmpiW
lstrlenA

user32

CharLowerA
ClientToScreen
DestroyIcon
DestroyWindow
DialogBoxParamA
DrawEdge
EndDialog
EndPaint
FillRect
FrameRect
GetActiveWindow
GetCapture
GetClientRect
GetDesktopWindow
GetDlgItem
GetKeyState
GetKeyboardType
GetParent
GetScrollPos
GetSubMenu
GetTopWindow
GetWindowDC
InsertMenuItemA
IsZoomed
LoadStringA
MessageBoxA
OpenClipboard
RegisterClassA
RemoveMenu
SetClassLongA
SetForegroundWindow
SetScrollRange
SetWindowPlacement
SetWindowTextA
SetWindowsHookExA
ShowOwnedPopups
SystemParametersInfoA
UnhookWindowsHookEx
UpdateWindow
wsprintfA

gdi32

AbortDoc
BitBlt
Chord
CombineRgn
CopyMetaFileA
CreateDIBSection
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
DeleteDC
DeleteEnhMetaFile
EndPage
EndPath
EnumFontFamiliesExA
ExtCreateRegion
GetBitmapBits
GetCurrentPositionEx
GetOutlineTextMetricsA
GetTextExtentPoint32W
GetTextFaceW
GetViewportExtEx
LineDDA
PatBlt
Polyline
RemoveFontResourceA
RoundRect
SelectClipRgn
SetBrushOrgEx
SetDIBits
SetMetaFileBitsEx
SetRectRgn
SetStretchBltMode
SetTextCharacterExtra
SetViewportOrgEx
StretchBlt
StretchDIBits
TextOutW

shell32

DragQueryFile
DragQueryFileA
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconW
ExtractIconA
ExtractIconExA
ExtractIconExW
ExtractIconW
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateDirectoryExW
SHFileOperationW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ShellExecuteEx
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconA

comctl32

CreateToolbarEx
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_BeginDrag
ImageList_DragEnter
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Replace
ImageList_SetBkColor
ImageList_SetOverlayImage
InitCommonControls
InitCommonControlsEx
InitializeFlatSB
PropertySheetA

advapi32

AllocateAndInitializeSid
CryptAcquireContextA
CryptGenRandom
GetSecurityDescriptorDacl
GetUserNameA
IsValidSid
LookupPrivilegeValueW
OpenSCManagerA
OpenServiceA
RegCreateKeyExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExW
RegQueryValueExW
RegSetValueExA
RegSetValueExW

ole32

CLSIDFromProgID
CoFreeUnusedLibraries
CoGetClassObject
CoLoadLibrary
CoMarshalInterThreadInterfaceInStream
CoRegisterMessageFilter
CoReleaseMarshalData
CoUninitialize
CreateItemMoniker
CreateStreamOnHGlobal
DoDragDrop
IsAccelerator
OleInitialize
OleRun
OleSetClipboard
PropVariantClear
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
StringFromCLSID
StringFromGUID2

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f465a64877c946457a8a32d7c1f420c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 26KB - Virtual size: 28KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 26KB - Virtual size: 28KB