3f03e7bd2175d08922a191effd0c5192

General

Target

3f03e7bd2175d08922a191effd0c5192
Size

44KB
MD5

3f03e7bd2175d08922a191effd0c5192
SHA1

1d4182817cfeaaeba563dd2817227e313abf77d9
SHA256

e6c23af79c0679e4960f44ddb413fdf8bd315861fe14b3488c73cb5a5919862c
SHA512

305ecff7ab1742caa94d12239d37e0eb7abf0e499293652fb9fb34644c8bb84be1f46b2975fdfd3ab6302eb8522b0ed788bf7ae606234e0e7415d257d0895c5e
SSDEEP

384:NZOGnrhuxnDpVHfCcYx0WO7Ds2tlMsEln4QgYfANNXshA2ugePEO2bltB7GNa:fO9nDPf/x31W/gYIPcwlMO2bln7wa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f03e7bd2175d08922a191effd0c5192

Files

3f03e7bd2175d08922a191effd0c5192
.dll windows:4 windows x86 arch:x86

69216d1ba0cf87be008e9e94c89dd7d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CreateMutexA
GetCurrentProcessId
CloseHandle
CreateRemoteThread
VirtualAllocEx
OpenProcess
lstrlenA
GetCurrentProcess
ResumeThread
TerminateProcess
GetModuleFileNameA
VirtualProtectEx
GetTempPathA
VirtualAlloc
WriteProcessMemory
GetPrivateProfileStringA
ReadProcessMemory
SetUnhandledExceptionFilter
SetThreadContext
ReadFile
CreateFileA
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GetCurrentThreadId
RaiseException
DeleteFileA
GetLocalTime
GetTickCount
WriteFile
InitializeCriticalSection
VirtualProtect
LeaveCriticalSection
EnterCriticalSection
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCommandLineA
IsBadReadPtr
TerminateThread
CreateThread
LoadLibraryA
GetModuleHandleA
OpenThread
GetProcAddress

user32

GetWindowThreadProcessId
CallNextHookEx
GetWindowTextA

msvcrt

_stricmp
_strlwr
_strcmpi
_strupr
_ltoa
wcslen
srand
??2@YAPAXI@Z
memcpy
strrchr
memset
sprintf
strcat
strcpy
strlen
??3@YAXPAX@Z
strncpy
strchr
strstr
strcmp
__CxxFrameHandler
rand

Exports

Exports

ccc
ddd

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

scgw
Size: 4KB - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69216d1ba0cf87be008e9e94c89dd7d4

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 14KB

scgw Size: 4KB - Virtual size: 140B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 14KB

scgw
Size: 4KB - Virtual size: 140B

.reloc
Size: 4KB - Virtual size: 2KB