3dd5286611e5a567f697ba9252198590

Sharing

Copy URL

Twitter E-mail

General

Target

3dd5286611e5a567f697ba9252198590
Size

304KB
MD5

3dd5286611e5a567f697ba9252198590
SHA1

708ce882639ac6e7044f9727f75f680579d86aeb
SHA256

e77d3803acf07798ca87a913141a12d2a32232075525af7afb22a65fad1e34b6
SHA512

af7d0fefc391cb6677279b94be84587222fa61e712024c4da5cf2c1b15cdec9111244502ab0f5412c962b26871e9fbc6fec935b03805372210fd7d6424ea165d
SSDEEP

6144:Nocym5lIUbactbQkodHUwd58G2X3CT2vcNOklrdY6aptz:NocnvIaac9Qko+86G2nCT2cOklBY6ar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dd5286611e5a567f697ba9252198590

Files

3dd5286611e5a567f697ba9252198590
.exe windows:4 windows x86 arch:x86

af95d91c62a0f17ec9902e70cba74de4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DefineDosDeviceW
GetDateFormatW
_hread
GetWindowsDirectoryW
ExitProcess
VirtualQuery
CreateSemaphoreA
WriteFile
GetFileTime
SetLocalTime
GetExitCodeThread
GetComputerNameA
GetLastError
lstrlenA
TerminateProcess
FileTimeToDosDateTime
GetDiskFreeSpaceA
GetComputerNameW
VirtualQueryEx
LocalFileTimeToFileTime
GetTempFileNameA
CopyFileExW
GetStartupInfoA
ConnectNamedPipe
DefineDosDeviceA
SearchPathA
Sleep
FatalAppExitA
InitializeCriticalSectionAndSpinCount
FormatMessageW
ReadConsoleA
GetTempPathW
GetConsoleMode
CreateConsoleScreenBuffer
WaitNamedPipeA
OpenSemaphoreW
GetPrivateProfileIntW
ReadFile
VirtualProtect
GetCommandLineA
GetVersionExA
GetNumberFormatW

user32

FlashWindowEx
GetSysColor
DialogBoxParamA
GetTabbedTextExtentA
MapDialogRect
MessageBoxIndirectW
GetUserObjectInformationA
DrawIcon
DialogBoxParamW
SendNotifyMessageA
SetClassLongA
GetClassNameW
SendInput
IsDialogMessageW
InsertMenuItemW
UnregisterDeviceNotification
OpenWindowStationA
SetMenuInfo
SetMenuItemBitmaps
SetTimer
DrawStateW
IsCharAlphaNumericA
CopyIcon
GetMenuCheckMarkDimensions
GetWindowLongW
ClientToScreen
DestroyCursor
CharNextW
SwitchToThisWindow
EmptyClipboard
SetUserObjectInformationW
UnhookWindowsHook
CreateAcceleratorTableA
EnableWindow
LoadIconA
GetScrollBarInfo
FrameRect
SetWindowWord
NotifyWinEvent
GetWindow
GetWindowTextA
SetCaretBlinkTime

gdi32

GetNearestColor

comdlg32

GetFileTitleA
ChooseColorA
GetFileTitleW
ChooseFontW

advapi32

IsValidSid
GetSidSubAuthorityCount
ObjectCloseAuditAlarmW
IsTextUnicode
AbortSystemShutdownW
RegisterEventSourceA
SetSecurityDescriptorSacl
FreeSid
InitiateSystemShutdownA
AccessCheck
RegEnumKeyExW
DuplicateTokenEx
GetSecurityDescriptorLength
CloseServiceHandle
RegReplaceKeyW
SetTokenInformation
GetSecurityInfo
CryptDecrypt
LookupAccountSidW
RegQueryValueExW
DestroyPrivateObjectSecurity
NotifyBootConfigStatus
RegSetKeySecurity
GetNamedSecurityInfoW
RegQueryInfoKeyW
RegOpenKeyExA
GetAce
SetSecurityDescriptorGroup
RegEnumKeyA
InitializeAcl
CryptGetKeyParam
CreatePrivateObjectSecurity

shell32

SHFileOperationA

ole32

CoTaskMemRealloc
OleDestroyMenuDescriptor
RegisterDragDrop
StgOpenStorageEx
CoFreeAllLibraries

oleaut32

SafeArrayCreateVector
SysStringLen
VariantInit
SafeArrayRedim
SafeArrayPtrOfIndex

comctl32

ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_DrawIndirect

shlwapi

SHStrDupW
UrlCombineW
ChrCmpIW
PathIsRelativeW
StrDupA
StrChrIA
StrCpyW
StrStrIA
wvnsprintfW
SHSetValueA
PathIsPrefixW
PathRemoveFileSpecA
wnsprintfW
PathUnquoteSpacesA
SHRegWriteUSValueW
PathGetDriveNumberA

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af95d91c62a0f17ec9902e70cba74de4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 288KB - Virtual size: 287KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 296B

.text
Size: 288KB - Virtual size: 287KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 296B