3eaf3a9d0f5a03fa1ff2d77725f31c6d

Sharing

Copy URL Twitter E-mail

General

Target

3eaf3a9d0f5a03fa1ff2d77725f31c6d
Size

33KB
MD5

3eaf3a9d0f5a03fa1ff2d77725f31c6d
SHA1

5be6da061c70287eadb3cf14aa1fe785ade9aeaa
SHA256

e67d324e4c2f26b38db78d7837474a5e7fc7595c46e0b3d069e990c6b60fa02d
SHA512

934b5767f51a5e1b317d76894c0e9bb556630e07e63aa9e6e4cfd30e507edaa42fb61fe4b89996bf7877bf48c74b9ca973fc2b6c7d811aed75235801bd6fe8ec
SSDEEP

768:qHCGUicdWJRnvB39SGvVDRJskHBNN5RBx3D4:GCGcWPnOuVHsYNbRBx3M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eaf3a9d0f5a03fa1ff2d77725f31c6d

Files

3eaf3a9d0f5a03fa1ff2d77725f31c6d
.exe windows:4 windows x86 arch:x86

5df210a13bae5a96d68f54adc9313e32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wfdopen
asctime
_close
_isnan
_wfopen
tmpfile
strrchr
_control87
wcscoll
puts
_utime64
_waccess
_getdrives
_outpw
_wunlink
vfprintf
_spawnv
_finite
_isctype
iswalpha
__p__acmdln
_winver
_ismbblead
_wtol
toupper
_strdup
_fmode
__setusermatherr
fscanf
isxdigit
_winminor
_ui64toa
_wexecvp
_CIacos
_wexecve
_ismbcl2
_hypot
memcmp
_pctype

ole32

UtGetDvtd32Info
IsValidPtrOut
CLSIDFromProgID
CoMarshalHresult
CoMarshalInterThreadInterfaceInStream
OleSave
CoInitialize
CoBuildVersion
IsValidPtrIn
SetConvertStg
OleInitializeWOW
OleRegGetUserType
CoQueryReleaseObject
StgCreateDocfileOnILockBytes
OleConvertIStorageToOLESTREAMEx

kernel32

lstrcmpA
SetConsoleFont
CloseProfileUserMapping
OpenMutexW
VirtualFree
FileTimeToDosDateTime
GlobalSize
MapViewOfFile
GetCurrencyFormatW
ExitProcess
EnumCalendarInfoW
AddConsoleAliasW
lstrlenW
SetCommConfig
GetConsoleCP
SearchPathA
LoadLibraryExA
EnumResourceTypesA
RequestWakeupLatency
GetModuleHandleA
WriteConsoleInputW
IsDBCSLeadByteEx
FlushViewOfFile
GetStringTypeA
EnumTimeFormatsA
HeapUnlock
LocalCompact
VirtualAlloc
GetConsoleMode
IsBadReadPtr
MapViewOfFileEx
Sleep
lstrcmpiA
EnumSystemLocalesW
SetConsoleMenuClose
GlobalWire
GetStartupInfoA
DeviceIoControl
FindResourceExA
CreateDirectoryExW
GetTempFileNameW
GlobalFlags
VirtualAlloc
GetConsoleWindow
GetVersionExA
ReadConsoleOutputW
GetExitCodeProcess
FindClose

comdlg32

CommDlgExtendedError
PageSetupDlgW
FindTextW
WantArrows

gdi32

GetTextExtentExPointA
EndPage
OffsetViewportOrgEx
ExtCreatePen
AbortPath
GetEnhMetaFileDescriptionW
CopyMetaFileW
SetTextCharacterExtra
DescribePixelFormat
CreateEnhMetaFileA
SetPaletteEntries
GetObjectType
DeleteColorSpace
SetBitmapBits
ColorMatchToTarget
StretchBlt
SetRectRgn
PolyTextOutW
CloseEnhMetaFile
SetBkMode
CreateFontIndirectW
CloseFigure
EnumMetaFile
GetEnhMetaFileW

user32

DdeQueryStringW
EnumDisplaySettingsExA
DdeImpersonateClient
DdeNameService
DdeAbandonTransaction
DdeAddData
EnumDisplayMonitors
FlashWindow
DestroyMenu
GetClassLongW
GetCursorPos
GetDlgItem
GetClassNameW
EnumPropsExW
GetCaretPos
DdeConnectList
DispatchMessageW
AdjustWindowRect
DialogBoxParamW
DrawFrame
DdeEnableCallback
GetAsyncKeyState
BeginPaint
CreateDialogParamA
ChangeDisplaySettingsA
DlgDirSelectExA
DrawTextW
EnumClipboardFormats
CloseWindow
CopyAcceleratorTableW

advapi32

ElfCloseEventLog
CryptDestroyHash
RegNotifyChangeKeyValue
CryptAcquireContextA
ElfOpenEventLogA
LsaICLookupNames
AccessCheckAndAuditAlarmW
GetSidSubAuthorityCount
RegGetKeySecurity
SetSecurityInfoExW
LsaEnumerateTrustedDomains
CryptReleaseContext
LsaGetUserName
SetPrivateObjectSecurity
LsaICLookupSids
CryptSetProviderA
RegEnumKeyA
RegEnumValueW
StartServiceCtrlDispatcherW
GetMultipleTrusteeOperationA
ElfOpenBackupEventLogA
ElfClearEventLogFileW
LookupAccountSidA

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vyll
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mwt
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kuun
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5df210a13bae5a96d68f54adc9313e32

Headers

File Characteristics

Imports

msvcrt

ole32

kernel32

comdlg32

gdi32

user32

advapi32

Sections

.text Size: 7KB - Virtual size: 8KB

.vyll Size: 9KB - Virtual size: 24KB

.mwt Size: 9KB - Virtual size: 21KB

.kuun Size: 6KB - Virtual size: 17KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 8KB

.vyll
Size: 9KB - Virtual size: 24KB

.mwt
Size: 9KB - Virtual size: 21KB

.kuun
Size: 6KB - Virtual size: 17KB

.reloc
Size: 1024B - Virtual size: 1KB