3eb68e4565b9fec31d83046dd26878de

Sharing

Copy URL

Twitter E-mail

General

Target

3eb68e4565b9fec31d83046dd26878de
Size

152KB
MD5

3eb68e4565b9fec31d83046dd26878de
SHA1

0dd83667594009419430d2c9065ebf53ec01d1af
SHA256

97be7a526b57c0e722d1a90bf079c2982179ca3ac96ec9009b3458c0f1a9a46b
SHA512

6731618650a3876b6b1ae943f468086688d6a9226481436bda05fd7b324b6aa48a332e74cfc8c3c84f6ceee30d71d0866696114fd98abc676c163e0438088b7e
SSDEEP

3072:+eNFewvOObqPyrw6bbnH25LVoev52b8IJIYKC:+4FK96MEbnHELR2j4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eb68e4565b9fec31d83046dd26878de

Files

3eb68e4565b9fec31d83046dd26878de
.dll windows:4 windows x86 arch:x86

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
lstrlenA
CreateDirectoryA
GetTempPathA
GetPrivateProfileStructA
WritePrivateProfileSectionA
LoadResource
LockResource
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GetCurrentProcess
GetSystemDirectoryW
GetVolumePathNameW
GetVolumeInformationW
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetDriveTypeW
InterlockedDecrement
InterlockedIncrement
FindResourceExW
GetStringTypeA
LCMapStringW
lstrcpyA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetStringTypeW
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
GetVersion
RtlUnwind
LocalFree
LocalAlloc
FormatMessageA
FormatMessageW
OpenEventA
OpenSemaphoreA
OutputDebugStringA
GlobalUnlock
CopyFileA
SetVolumeLabelA
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpW
GetExitCodeThread
GetVersionExW
GetPrivateProfileStringW
GlobalFree
SearchPathW
GetWindowsDirectoryW
CreateFileW
lstrcmpiW
CloseHandle
GlobalAlloc
lstrcpyW
CreateThread
Sleep
GetModuleHandleW
lstrcpynW
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
GetCommandLineA
LCMapStringA
VirtualProtect

user32

SetWindowLongW
GetParent
CheckDlgButton
IsDlgButtonChecked
DialogBoxParamW
LoadImageW
MapDialogRect
SetWindowPos
DestroyIcon
GetWindowRect
GetSystemMetrics
CreateDesktopA
FindWindowA
OemToCharA
CharToOemBuffA
IsCharLowerA
PostMessageW
SendMessageW
LoadStringW
MessageBoxW
RegisterWindowMessageA
ShowWindow
GetDlgItem
SetForegroundWindow
EndDialog
SetDlgItemTextW
wsprintfW
SetFocus
EnableWindow
SendDlgItemMessageW
WinHelpW
CharNextW
CharPrevW
GetDlgItemTextW
DialogBoxParamA

advapi32

GetNamedSecurityInfoW
GetAclInformation
GetAce
IsValidSid
GetLengthSid
CopySid
GetSecurityDescriptorOwner
LogonUserW
GetSecurityDescriptorLength
MakeSelfRelativeSD
ConvertSidToStringSidW
OpenThreadToken
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorControl
AddAccessAllowedAceEx
SetNamedSecurityInfoW
RegSetValueW
GetSecurityDescriptorControl
EqualSid
GetSecurityDescriptorDacl
ConvertStringSidToSidW
BuildTrusteeWithSidW
GetEffectiveRightsFromAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
IsValidSecurityDescriptor
RegCloseKey
CloseServiceHandle
ChangeServiceConfigA
AbortSystemShutdownA
RegQueryValueExA
IsTextUnicode

gdi32

CreateFontIndirectW
CreateDCA
GetOutlineTextMetricsA
DeleteObject
GetObjectW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 44KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 44KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB