3d96cfb7c30c4f09e34154d60e55de82

Sharing

Copy URL

Twitter E-mail

General

Target

3d96cfb7c30c4f09e34154d60e55de82
Size

208KB
MD5

3d96cfb7c30c4f09e34154d60e55de82
SHA1

0d77f2a2b5577e0ae40a3b7599283c4f036a123b
SHA256

e14017bdf18b1412d4c91202d760c156b43793878194c69c9eeb9d4cd5916aec
SHA512

93065d2a69ed4af152ea9d1d5d08e6c70228494625c1512ea31d85a5a3bff6c3a593712e275b930b65632279efde61cc25e59b94c418bb73a543ac11546a3a26
SSDEEP

6144:BPRP2L0cngp5/vuGp1k1TBIg0wkucL9/:va0Sa/70Bxkbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d96cfb7c30c4f09e34154d60e55de82

Files

3d96cfb7c30c4f09e34154d60e55de82
.exe windows:4 windows x86 arch:x86

39aae10368b32719f814b1d65af6faa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvfw32

ICInfo

user32

MonitorFromWindow
wsprintfW
CharNextA
CharNextW

psapi

GetProcessMemoryInfo

advapi32

CryptAcquireContextA
CryptCreateHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptDestroyHash

shell32

CommandLineToArgvW

imagehlp

ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData

kernel32

GetCurrentThreadId
RaiseException
GetTickCount
_lclose
CreateFiberEx
lstrlenA
GetLocaleInfoA
GetCurrentProcess
DeleteFileA
HeapAlloc
RemoveDirectoryA
GetTempFileNameW
UpdateResourceW
GlobalFree
GetSystemTimeAsFileTime
MoveFileW
GlobalAlloc
GetACP
UnhandledExceptionFilter
BeginUpdateResourceW
TerminateProcess
lstrcmpiA
CopyFileW
GetFullPathNameW
CreateFileW
DeleteFileW
GetProcAddress
EnumResourceNamesW
SetEndOfFile
EscapeCommFunction
EnumResourceTypesW
QueryPerformanceCounter
CloseHandle
GetLastError
InterlockedCompareExchange
InterlockedIncrement
GetModuleHandleW
HeapFree
HeapReAlloc
GetFullPathNameA
CreateDirectoryW
SetLastError
GetOEMCP
CreateFileA
GetFileAttributesA
GetThreadLocale
FindNextFileW
LockResource
GetFileSize
LoadLibraryExA
RemoveDirectoryW
FindClose
MapViewOfFile
lstrlenW
OutputDebugStringA
GlobalUnlock
SetFileAttributesW
CreateDirectoryA
SizeofResource
GetCurrentDirectoryW
GlobalLock
FindNextFileA
EnumResourceNamesA
Sleep
InterlockedExchange
GetVersionExA
_llseek
CopyFileA
LoadLibraryExW
EnterCriticalSection
CreateFileMappingA
GetStringTypeExW
LoadResource
GetEnvironmentVariableA
LoadLibraryA
GetFileInformationByHandle
DeleteCriticalSection
GetSystemDirectoryA
SetUnhandledExceptionFilter
HeapDestroy
UnmapViewOfFile
AreFileApisANSI
ReadFile
DebugBreak
LocalFree
FindResourceW
InterlockedDecrement
FormatMessageW
SetFilePointer
FreeResource
MultiByteToWideChar
WideCharToMultiByte
FatalExit
SetFileAttributesA
WriteFile
FreeLibrary
FindFirstFileA
_lread
FindFirstFileW
GetCommandLineW
GetProcessHeap
_lwrite
EndUpdateResourceW
ExitProcess
GetCurrentProcessId
LeaveCriticalSection
GetFileAttributesW
GetVersionExW
EnumResourceLanguagesW
InitializeCriticalSection
HeapSize
FindResourceExW
GetTempPathW
GetVersion
IsDebuggerPresent
lstrcpyA

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39aae10368b32719f814b1d65af6faa7

Headers

File Characteristics

Imports

msvfw32

user32

psapi

advapi32

shell32

imagehlp

kernel32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 18KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 18KB

.lib
Size: 512B - Virtual size: 96KB