3ece4493d6e64d66067f435652954bfd

Sharing

Copy URL Twitter E-mail

General

Target

3ece4493d6e64d66067f435652954bfd
Size

171KB
MD5

3ece4493d6e64d66067f435652954bfd
SHA1

5cb57e8b408bfbab82751a2796a527bb4d2d1c1d
SHA256

c6b606fd15350766583a6bb6604488dcf140431975b5d7bc2b0721cbb1c3a504
SHA512

6cf8df85e4da49dcc53a2e796a98a3977c258ca33a1ff4be36cca21a6f070a0bd8856f61fef00f099bc26022bbce0c7ca5522325c8bd9ad08f00960e53618376
SSDEEP

3072:DmbKeQOCEb13Qb77vFHzr0YcyBy0A/NgZe9wHUuc0e3x0nHyG:DmboOCY3s5zrzN6/yZoieWSG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ece4493d6e64d66067f435652954bfd

Files

3ece4493d6e64d66067f435652954bfd
.exe windows:4 windows x86 arch:x86

fa3aad269d0161f6bfb67c2608dddfee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

Escape
GetStockObject
SelectObject
ScaleWindowExtEx
GetTextColor
ScaleViewportExtEx
GetDeviceCaps
GetMapMode
PtVisible
ExtSelectClipRgn
SetViewportOrgEx
SetWindowExtEx
TextOutW
OffsetViewportOrgEx
GetBkColor
ExtTextOutW
DeleteDC
RectVisible
GetRgnBox

advapi32

RegQueryValueW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW

kernel32

ReadFile
GetFileAttributesW
GetCalendarInfoW
FindClose
GetVersion
GetCurrentProcessId
GetModuleFileNameW
CreateFileW
GetSystemDefaultLangID
SetFileTime
MultiByteToWideChar
GetThreadContext
SetFilePointer
WideCharToMultiByte
InterlockedDecrement
GetLocaleInfoW
WriteFile
ConvertDefaultLocale
EnumResourceNamesA
EnumResourceLanguagesW
FindFirstFileW
FindNextFileW
LoadLibraryW
RemoveDirectoryW
SystemTimeToFileTime
ExitProcess
lstrcpyW
MoveFileW
DeleteFileW
LocalFileTimeToFileTime
CreateDirectoryW
GetCurrentDirectoryW
GetProcAddress

user32

WinHelpW
MessageBeep
GetPropW
GetNextDlgGroupItem
CopyAcceleratorTableW
GetNextDlgTabItem
IsRectEmpty
GetClassInfoExW
GetClassLongW
InvalidateRect
CreateWindowExW
SetPropW
SendDlgItemMessageA
CharNextW
InvalidateRgn
CharUpperW
RemovePropW
SetRect
RegisterWindowMessageW
DestroyMenu

ole32

OleUninitialize
CoInitialize
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoGetClassObject
OleInitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
OleFlushClipboard
CLSIDFromProgID
CoTaskMemAlloc
OleIsCurrentClipboard
CoTaskMemFree
CLSIDFromString

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa3aad269d0161f6bfb67c2608dddfee

Headers

File Characteristics

Imports

shell32

shlwapi

oleacc

gdi32

advapi32

kernel32

user32

ole32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 96KB