3f1465330b85df2408c0b31426ea8af0

Sharing

Copy URL

Twitter E-mail

General

Target

3f1465330b85df2408c0b31426ea8af0
Size

120KB
MD5

3f1465330b85df2408c0b31426ea8af0
SHA1

0d68291de727ec9e711dba5713ba8be56c70bee3
SHA256

26a715e9b9ad3103263d1d7c0bf62a2fd1f027dbba1b285057a5ee942a559300
SHA512

2114f562b63830c57ce68405bbad85be6f128b6862b401b5bcd7c076b378446c6a45b78a633af7d75fa22b8e33dc138c8fad03c195fa826562b84d78c5527ebd
SSDEEP

3072:ylN7M+Bn31FdzcNrDBb8BGeFa9G9dy2ucoG2yiwx7v:6Qu3qDBb8VFacn9viE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f1465330b85df2408c0b31426ea8af0

Files

3f1465330b85df2408c0b31426ea8af0
.exe windows:5 windows x86 arch:x86

b294bd113171e2f7ae7c02f5437ff13c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

GetEffectiveClientRect

user32

PeekMessageW
GetPropW
ShowWindow
SendDlgItemMessageW
GetForegroundWindow
EndDialog
SetActiveWindow
FindWindowW
InsertMenuW
RemoveMenu
ScrollWindowEx
LoadStringW
SetWindowPos
GetMenuStringW
GetMenuItemID

ws2_32

WSAGetLastError

comdlg32

GetFileTitleW

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

kernel32

ReadFile
MulDiv
LockFile
HeapFree
DeleteFileW
CreateEventW
GlobalLock
GetVolumeInformationW
GetFullPathNameW
WriteFile
GetFileAttributesW
GlobalReAlloc
GetModuleFileNameW
TerminateProcess
lstrlenA
GetLastError
lstrcpyA
VirtualAlloc
CreateProcessW
GlobalSize
TlsGetValue
GetSystemInfo
GetThreadLocale
WaitForSingleObject
GetProcessHeap
lstrlenW
GlobalAlloc
GlobalUnlock
GlobalFree
CopyFileW
SetEndOfFile
FindNextFileW
CloseHandle
HeapReAlloc
GetCurrentProcessId
FormatMessageW
GetFileAttributesA
CreateFileW
LeaveCriticalSection
WideCharToMultiByte
lstrcmpiW
FindResourceW
FindFirstFileW
SetLastError
ResetEvent
HeapAlloc
FlushFileBuffers
Sleep
GetCurrentProcess
UnlockFile
LocalAlloc
DuplicateHandle
GetUserDefaultLCID
MoveFileW
SetFilePointer
GetVersionExW
EnterCriticalSection
FindClose
GetStringTypeExW
GetFileSize
GetShortPathNameW
LoadResource
LockResource

Sections

.data
Size: 101KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b294bd113171e2f7ae7c02f5437ff13c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

user32

ws2_32

comdlg32

oleacc

kernel32

Sections

.data Size: 101KB - Virtual size: 224KB

.text Size: 512B - Virtual size: 483B

.rsrc Size: 12KB - Virtual size: 12KB

.rdata Size: 5KB - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 224KB

.text
Size: 512B - Virtual size: 483B

.rsrc
Size: 12KB - Virtual size: 12KB

.rdata
Size: 5KB - Virtual size: 4KB