3e4de081390fc2aa056010a517c27b97

General

Target

3e4de081390fc2aa056010a517c27b97
Size

411KB
MD5

3e4de081390fc2aa056010a517c27b97
SHA1

2ddce1d9e780b303ff9072e4fc42c9eb13922bc2
SHA256

8bb7ecd1c8dc02526662360750b28aa8ef474cec18239b4a14dc72bc36dddf7c
SHA512

5b6e84180c0a619408e0f1e474ea1116de7f0cd9e1d5433cc6af0254b584a25786e52145c43833dcfeb76c4f49a2a54a2020ccc80f014681ea098035f4b76096
SSDEEP

6144:TuQhe/fUQ/LL1m39XBJaE6g93JBE1vhyZ8bPumwmRnVSTZDBOcEag9g+hUcMfHP:RYLcNDHExAlzIGwcyS/eQgVIi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e4de081390fc2aa056010a517c27b97

Files

3e4de081390fc2aa056010a517c27b97
.exe windows:4 windows x86 arch:x86

95f48562eec166bc7fb47dc91b920564

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetCPInfo
SetLastError
FreeEnvironmentStringsW
RtlUnwind
InterlockedDecrement
FreeEnvironmentStringsA
GetCurrentProcess
GetVersionExA
VirtualAlloc
TlsAlloc
SetEnvironmentVariableA
HeapReAlloc
GetStringTypeW
SetPriorityClass
GetStringTypeA
GetFileType
Sleep
GetModuleFileNameA
GetLocaleInfoA
InitializeCriticalSection
ExitProcess
GetProcessHeap
HeapSize
IsValidCodePage
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
HeapCreate
GetEnvironmentStrings
LCMapStringW
QueryPerformanceCounter
lstrcmp
UnhandledExceptionFilter
DeleteCriticalSection
TlsSetValue
GetCurrentThreadId
GetDateFormatA
HeapAlloc
GetTimeZoneInformation
HeapFree
GlobalCompact
TlsFree
GetCurrentProcessId
EnumSystemLocalesA
InterlockedIncrement
HeapDestroy
WideCharToMultiByte
LCMapStringA
GetCurrentThread
GetStartupInfoA
IsDebuggerPresent
GetLastError
SetConsoleCtrlHandler
VirtualFree
WriteConsoleW
FreeLibrary
GetModuleHandleA
GetPriorityClass
GetOEMCP
EnterCriticalSection
GetEnvironmentStringsW
TlsGetValue
CompareStringW
CompareStringA
GetCommandLineA
IsValidLocale
GetProcAddress
GetStdHandle
GetTimeFormatA
GetACP
SetHandleCount
InterlockedExchange
LeaveCriticalSection
TerminateProcess
GetUserDefaultLCID
VirtualQuery
MultiByteToWideChar
WriteFile
FlushViewOfFile
SetUnhandledExceptionFilter

user32

PostThreadMessageW
GrayStringW
AttachThreadInput
CreateDialogParamW
DestroyWindow
DrawFocusRect
GetNextDlgGroupItem
SwitchDesktop
DefDlgProcW
DispatchMessageA
HideCaret
GetKeyboardState
DdeGetLastError
GetClassInfoW

comdlg32

GetSaveFileNameW

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95f48562eec166bc7fb47dc91b920564

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

Sections

.text Size: 133KB - Virtual size: 133KB

.data Size: 274KB - Virtual size: 279KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 133KB - Virtual size: 133KB

.data
Size: 274KB - Virtual size: 279KB

.rsrc
Size: 3KB - Virtual size: 2KB