3dec61e0480eb79d2041605444437fee

General

Target

3dec61e0480eb79d2041605444437fee
Size

83KB
MD5

3dec61e0480eb79d2041605444437fee
SHA1

19e4befedfb15186b813524dcc0ff8266e2e0659
SHA256

618c7927921a9d9fe0356388c8575b273f2d659e8d67343edd4d7c96450be469
SHA512

f76c6bbfcca36b3b6ba88301158f0ae72ba15e5e36c2ef0a65e00b4c619920e7cd239ccb23963be86410c5a94bb3ae45e3646e4ad984603e14ec8c4fc526d7b3
SSDEEP

1536:zU15x31M4FyBWh4Q+0ViKs6IfyRXLchHsddiKTxiHNT3mQc8ZAliIfOT:+5/uBc44ivyRXodWh9iHNgEA4V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dec61e0480eb79d2041605444437fee

Files

3dec61e0480eb79d2041605444437fee
.exe windows:4 windows x86 arch:x86

3a91dcc8c653afeaa82f84b0a51b11f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegGetKeySecurity
RegDeleteValueW
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExW
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyW
RegCreateKeyExA
RegEnumKeyA
RegEnumKeyW
RegReplaceKeyW
RegLoadKeyW
RegLoadKeyA
RegCreateKeyW
RegQueryValueExA
RegReplaceKeyA
RegDeleteKeyW
RegOpenKeyExW

user32

GetWindowTextLengthA
CreateIcon
GetWindowTextA
IsWindow
GetCursor
AppendMenuW
BlockInput
DrawIconEx
GetFocus
AlignRects
DrawTextA
DrawIcon
LoadMenuA
AppendMenuA
CopyRect
IsMenu
GetDC
DialogBoxParamW
EndDialog
InsertMenuA

comctl32

ImageList_DragMove
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Copy
ImageList_GetImageCount
ImageList_DragShowNolock
InitCommonControls
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_Destroy
ImageList_DragEnter
ImageList_LoadImage
ImageList_DrawIndirect
ImageList_DrawEx

kernel32

FindAtomA
GlobalFree
CopyFileA
Sleep
ExitThread
FindFirstFileA
GetFileSize
CreateThread
CopyFileExW
CreateProcessA
SetLastError
DeleteFileW
OpenFile
GetLastError
ReadConsoleA
WriteFile
GetComputerNameA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a91dcc8c653afeaa82f84b0a51b11f5

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 61KB - Virtual size: 151KB

.reloc Size: - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 61KB - Virtual size: 151KB

.reloc
Size: - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 14KB