3ec3ba80cb1950f8502b33d06a0350c4

Sharing

Copy URL

Twitter E-mail

General

Target

3ec3ba80cb1950f8502b33d06a0350c4
Size

616KB
MD5

3ec3ba80cb1950f8502b33d06a0350c4
SHA1

c4f7c2c5a237f93e3a0cf79a69995f667ed5ed6e
SHA256

70a97e0cad06ff1b4655abe2d832d7d90b3829fcf8edbffbfdbe94765cafe402
SHA512

7825e26a1237bf72881c84f2bbfa72a01e42b402f3280b4c846098cef59a32260e166ec44a75d9f0a1de43a735b862370b65bc071a4d57aefa7fc64c1d794387
SSDEEP

12288:1bLPzsyutYO3GR/3EekLjL3luDHUrzQ/zhJ86dd0ttFF+N2yDNbj8fdegbap/Rtk:1vPzsrtYuW/3HkLjDluD+uzhJ862eNnM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ec3ba80cb1950f8502b33d06a0350c4

Files

3ec3ba80cb1950f8502b33d06a0350c4
.exe windows:4 windows x86 arch:x86

8fb81b465ced92efd3221e680b130e62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIcon
ImageList_Destroy
InitMUILanguage
InitCommonControlsEx
ImageList_GetImageRect
ImageList_DrawEx
ImageList_Read

kernel32

GetLastError
ReleaseMutex
FindAtomA
GetUserDefaultLangID
SetStdHandle
GetThreadTimes
GetLogicalDrives
GetStdHandle
TlsSetValue
GetProcessHeap
EnterCriticalSection
GlobalAddAtomA
GetModuleFileNameW
CreateFileA
TransmitCommChar
GetTickCount
GetVersionExW
ReadConsoleOutputCharacterW
WriteProfileStringA
GetEnvironmentVariableA
VirtualQueryEx
ConnectNamedPipe
GetCurrentThread
HeapCreate
InterlockedExchange
CompareStringW
OpenSemaphoreW
GetEnvironmentStrings
OpenFile
GetCurrentProcess
InterlockedDecrement
LCMapStringA
EnumResourceTypesA
UnlockFileEx
WideCharToMultiByte
GetACP
FlushFileBuffers
GetStartupInfoA
FoldStringW
GetSystemTimeAsFileTime
DeleteCriticalSection
SuspendThread
GetLocalTime
LocalReAlloc
TlsFree
LCMapStringW
GetLongPathNameW
FindClose
LeaveCriticalSection
FreeEnvironmentStringsA
lstrcatA
SetHandleCount
FileTimeToLocalFileTime
GetModuleHandleA
ExitProcess
HeapFree
GetVolumeInformationA
UnhandledExceptionFilter
FindFirstFileExA
GetFullPathNameW
CreateWaitableTimerA
VirtualQuery
TlsGetValue
SetFilePointer
CompareStringA
InitializeCriticalSection
SetThreadIdealProcessor
lstrcpy
OpenMutexA
LoadLibraryA
GetFileType
GetStringTypeExW
GlobalFindAtomW
ReadFile
RaiseException
InterlockedIncrement
GetCPInfo
CloseHandle
LocalLock
HeapDestroy
GetTempFileNameW
CreateRemoteThread
EnumSystemCodePagesA
lstrcmpiW
WaitCommEvent
CreateMutexA
HeapAlloc
CreateNamedPipeA
GetFileSize
VirtualFree
GetThreadContext
GlobalFindAtomA
TlsAlloc
CreateEventA
GetTimeZoneInformation
GetPrivateProfileSectionNamesA
GetLogicalDriveStringsA
lstrcpyn
GetSystemTime
WriteFile
RtlUnwind
GetCompressedFileSizeA
GetConsoleTitleW
GetStringTypeW
SetConsoleTitleW
SetLastError
QueryPerformanceCounter
GetEnvironmentStringsW
GlobalDeleteAtom
GetModuleFileNameA
IsBadWritePtr
GlobalUnfix
GetThreadPriority
TerminateProcess
OpenWaitableTimerW
OpenWaitableTimerA
HeapReAlloc
GetOEMCP
GetStringTypeA
GetVersion
GetTimeFormatA
SetEnvironmentVariableA
FlushConsoleInputBuffer
VirtualAlloc
MultiByteToWideChar
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
FreeEnvironmentStringsW
GetCommandLineA

advapi32

RegEnumKeyExA
CryptGetUserKey
RegSetValueA
CryptHashSessionKey
CryptVerifySignatureW
CryptGetProvParam
RegSaveKeyA

comdlg32

GetSaveFileNameW
GetSaveFileNameA
FindTextW

user32

EnumWindowStationsA
DrawFrameControl
InsertMenuA
GetProcessDefaultLayout
RegisterClassExA
CreateDialogParamA
GetShellWindow
ActivateKeyboardLayout
DdeCreateStringHandleA
MapVirtualKeyExW
CreatePopupMenu
GetClipboardData
RegisterClassA
EnumWindowStationsW
DrawAnimatedRects
SendMessageTimeoutA
DdePostAdvise

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fb81b465ced92efd3221e680b130e62

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

comdlg32

user32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 108KB - Virtual size: 113KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 108KB - Virtual size: 113KB

.rsrc
Size: 72KB - Virtual size: 68KB