3f5c149e11be2d664a0d313cb3e921cc

General

Target

3f5c149e11be2d664a0d313cb3e921cc
Size

52KB
MD5

3f5c149e11be2d664a0d313cb3e921cc
SHA1

b9e4e4237437cd7bde2f776bcbbab09405df7e74
SHA256

550f95515a5b215781734d4f963c51ee2643cd4288b388f5bb7885ce09c2c608
SHA512

407028d60301edfdee4b61d61eef4a3333f193e199c3a5a21b42067d4ee931ed49665cbde26d07dac7e71e2be6a2bf2612f56bb228c6fbbb4eb0ab8e49334ed4
SSDEEP

768:s2HjJD1hLO1IixdJNgI+QAs31N07DLGw9Fa5ZRDv+kiKxCo10:s2DjpOuijJx3N31NLw9FcJ+AxR10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f5c149e11be2d664a0d313cb3e921cc

Files

3f5c149e11be2d664a0d313cb3e921cc
.exe windows:4 windows x86 arch:x86

c539b37b9eb5c584b43fd6317639ff2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
WaitForMultipleObjects
GlobalDeleteAtom
GetUserDefaultLangID
GetModuleHandleW
ReadFile
GlobalUnlock
GetFileAttributesExW
GetDriveTypeW
SetCurrentDirectoryW
ResumeThread
FindFirstFileW
LockResource
TerminateThread
GetProcAddress
Sleep
FindNextFileW
GlobalLock
GetTickCount
MulDiv
WritePrivateProfileStringW
VirtualFree
FreeLibrary
ReadProcessMemory
ResetEvent
lstrcpyW
FindResourceW
GetLocalTime
GlobalFree
GetModuleFileNameW
WriteFile
FileTimeToSystemTime
GlobalAddAtomW
LoadLibraryA
CreateThread
InterlockedIncrement
WaitForSingleObject
FindFirstChangeNotificationW
FindNextChangeNotification

user32

LoadStringW
EndDialog
RegisterWindowMessageW
RegisterHotKey
RegisterClassExW
SetDlgItemTextW
ReleaseDC
GetCursorPos
InvalidateRect
UpdateWindow
OffsetRect
DrawTextW
TrackPopupMenu
SetForegroundWindow
DestroyIcon
SendMessageW
DialogBoxParamW
EnableWindow
GetMessageW
SetWindowPos
DefWindowProcW
SetLayeredWindowAttributes
SystemParametersInfoW
PostThreadMessageW
PostMessageW

gdi32

CreateICW
CreateBitmap
CreateFontIndirectW
SetDIBits
CreateCompatibleDC

advapi32

SetSecurityDescriptorDacl
RegCloseKey
RegSetValueExW
LookupPrivilegeValueW
StartServiceW
RegQueryValueExW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c539b37b9eb5c584b43fd6317639ff2e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB