3da91070d23bb09041db898e88b7dfbf

Sharing

Copy URL Twitter E-mail

General

Target

3da91070d23bb09041db898e88b7dfbf
Size

84KB
MD5

3da91070d23bb09041db898e88b7dfbf
SHA1

e5954907a9840c996fc4f1374831edc5334578da
SHA256

95cdce3a6cb585410a3aaa36520abe345350d27588e8be4098fad6300af8adcb
SHA512

aab2e3a55b9599cf4f3d106f555d71ec46867874de140aebbc2914515e8cb766241c4f253533579ab3046df35c29ba5b3f6628529355b1693399a85bce952097
SSDEEP

1536:ik4QCQZD28bJBCL+SE6379UADCzxzrePITgsZOJToupjlQcgP:cQd5bDchw1WP1nxxjlPgP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3da91070d23bb09041db898e88b7dfbf

Files

3da91070d23bb09041db898e88b7dfbf
.exe windows:4 windows x86 arch:x86

ae06ce89a3cb064e9837ae95d04af111

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindow
GetFocus
LoadCursorA
EndDialog
CloseWindow
DrawIconEx
IsMenu
DrawTextW
GetCursor
CopyRect
DialogBoxParamA
CopyIcon
CopyImage
GetDlgItem
InsertMenuA
DrawIcon
CreateIcon

advapi32

RegEnumValueA
RegCreateKeyW
RegQueryValueExA
RegGetKeySecurity
RegDeleteValueA
RegQueryInfoKeyW
RegFlushKey
RegCreateKeyExW
RegQueryValueA
RegDeleteKeyA
RegDeleteKeyW
RegCreateKeyExA
RegLoadKeyA
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyA
RegEnumKeyExW

comctl32

ImageList_DrawEx
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Read
ImageList_GetImageInfo
ImageList_Draw
ImageList_Create
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_LoadImage
ImageList_Merge
ImageList_ReplaceIcon
ImageList_DrawIndirect
ImageList_GetImageRect
ImageList_AddMasked
ImageList_GetIcon
ImageList_DragLeave
ImageList_AddIcon
ImageList_LoadImageA

kernel32

GetCPInfo
ReadFile
GetCommandLineA
ReadConsoleA
GetFileTime
SetLastError
GetConsoleMode
CopyFileExW
DeleteFileA
GetComputerNameA
GlobalFree
FindFirstFileA
GetLastError
FindAtomA
CreateDirectoryA
DeleteAtom
OpenFileMappingA
CreateThread
GetFileSize
GetStdHandle

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 825B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae06ce89a3cb064e9837ae95d04af111

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 146KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: - Virtual size: 825B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 146KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: - Virtual size: 825B