3f12b562e32b6de257f7a4a2eb7ccd4b

Sharing

Copy URL

Twitter E-mail

General

Target

3f12b562e32b6de257f7a4a2eb7ccd4b
Size

104KB
MD5

3f12b562e32b6de257f7a4a2eb7ccd4b
SHA1

27755f973622e52447932034daf5ec42a3c08251
SHA256

1ffb1b0431485ea09005bc51d2e50a354b0fe30c99ca50d0a8d3e5a329e83659
SHA512

3365a802a62de27fba0ca3397ea493d968521d705568e7fc7acf588806d5c65d040c59e5bd482aa7e6b8fefedaaac2437da4ec2b2423933c094f278838d225f1
SSDEEP

768:amzMKn+EylcLLTpvMbX8lmKEN3lt2gJVBl69CzmF+ZU9QZU9hFnN89:am4K+JETp66mKA3l9Bl2CSF+zqFnN6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f12b562e32b6de257f7a4a2eb7ccd4b

Files

3f12b562e32b6de257f7a4a2eb7ccd4b
.dll windows:4 windows x86 arch:x86

113e7dc0ef888b6f6a56e52f229c7d17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetCheckConnectionA

kernel32

SetStdHandle
GetVersionExA
GetLongPathNameA
GetTempPathA
GetTempFileNameA
CloseHandle
TerminateProcess
WaitForSingleObject
lstrcpynA
CreateThread
GetModuleFileNameA
HeapReAlloc
FlushFileBuffers
RtlUnwind
LoadLibraryA
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
CreateFileA
SetEndOfFile
ReadFile
InterlockedExchange
GetCPInfo
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetCommandLineA
GetACP
GetOEMCP
HeapSize
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
WriteFile
GetProcAddress
GetModuleHandleA
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

user32

LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CreateWindowExA
LoadCursorA
RegisterClassExA
DefWindowProcA
SetTimer
BeginPaint
EndPaint
PostQuitMessage
KillTimer
LoadIconA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

shell32

ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA

Exports

Exports

install
load

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

113e7dc0ef888b6f6a56e52f229c7d17

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 4KB - Virtual size: 2KB