3dca09dd2edcf7b3f989c8c53e824c8b

Sharing

Copy URL Twitter E-mail

General

Target

3dca09dd2edcf7b3f989c8c53e824c8b
Size

476KB
MD5

3dca09dd2edcf7b3f989c8c53e824c8b
SHA1

ef84537d2462bf5a3a012f3f499b6a6793f76696
SHA256

77e8888bc46e5b574cb071494acbbf4b0b85e698fb51d715dbf229e3d47357ac
SHA512

c26189aa448ea2238fb78777c206ab0746a1cf13601fc69ebd5fd25d6be11a112d39b0fe506ad0ed24f64965a348f9c94f88fd97e31869a59d85a7873be44132
SSDEEP

12288:en6quNIitC751jWiFmHNSGjPaf4xTJ+1ztWB82/F19:46quiitC75ZWiFINSBwTJ+1M3//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dca09dd2edcf7b3f989c8c53e824c8b

Files

3dca09dd2edcf7b3f989c8c53e824c8b
.exe windows:4 windows x86 arch:x86

587f8b81439699cf5e3d52f4d5568ec8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
CreateCompatibleDC
GetStockObject
CreateSolidBrush

kernel32

LoadLibraryW
SizeofResource
SetStdHandle
GetDiskFreeSpaceA
GetVersion
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
Sleep
HeapSize
WideCharToMultiByte
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
GetModuleFileNameA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
WaitForMultipleObjects
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
lstrcpyA
FindNextFileW
lstrcmpA
CreateProcessA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsGetValue
GetTickCount
QueryPerformanceCounter
SetEvent
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
RemoveDirectoryA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
GetTempPathA
FreeEnvironmentStringsW
SetErrorMode
CreateFileA
lstrcatA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
HeapCreate
VirtualFree
FindResourceA
VirtualAlloc
GetOEMCP
TlsAlloc

oleaut32

VariantClear
SysAllocString
SysFreeString

user32

SetFocus
SetTimer
GetSubMenu
RegisterClassA
IsIconic
GetWindow
IsWindowEnabled
TranslateMessage
PeekMessageA
EnableWindow
SetCapture
ShowWindow
UpdateWindow
BeginPaint
GetMessageA
DestroyWindow
UnregisterClassA
ReleaseDC
GetDC
EndPaint
DispatchMessageA
SetWindowPos
PostQuitMessage
MapWindowPoints
GetFocus
SetCursor
DefWindowProcA
GetSystemMetrics
PostMessageA
GetWindowRect
SetWindowLongA
wsprintfA
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
SetForegroundWindow
EndDialog
MessageBoxA
GetSysColor
EnableMenuItem
DrawTextA
InvalidateRect
SendMessageA
GetParent
GetClientRect

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegDeleteValueW
RegDeleteKeyA

msvcrt

_strcmpi
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_cexit
_controlfp

Sections

.text
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

587f8b81439699cf5e3d52f4d5568ec8

Headers

File Characteristics

Imports

gdi32

kernel32

oleaut32

user32

advapi32

msvcrt

Sections

.text Size: 312KB - Virtual size: 310KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 120KB - Virtual size: 117KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 312KB - Virtual size: 310KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 120KB - Virtual size: 117KB

.rsrc
Size: 4KB - Virtual size: 3KB