3f6d2620f709a805f9038a152b19ff2a

General

Target

3f6d2620f709a805f9038a152b19ff2a
Size

393KB
MD5

3f6d2620f709a805f9038a152b19ff2a
SHA1

b9bf3fcc9934f7a1540b44914d3a731fc7b94f56
SHA256

36bcdb5d0d0f881baadbd8bb370f061cbcb5d0a6f5f6189b2da22076186a6047
SHA512

77e479d8713f0748d25e51e0c0b0db6621b3c510a239669ac6822395de640bc41a3915fd330570017f6afaebbc084fc89fdc762ec2333ea4f8fd058a401124f7
SSDEEP

12288:kU6wV9GxTZlEwBOse2l3/kCvGwaqSYQ6ldm2jqXWB7hlvqVavEvpk:IZqrp6/lM2jqXWBWUvEhk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f6d2620f709a805f9038a152b19ff2a

Files

3f6d2620f709a805f9038a152b19ff2a
.exe windows:4 windows x86 arch:x86

4a85a87d88e1f6ed73c43b4f6099a190

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
DeleteCriticalSection
EnterCriticalSection
GetACP
TlsGetValue
GetEnvironmentStringsW
HeapAlloc
LoadLibraryA
GetStartupInfoA
MultiByteToWideChar
GetCPInfo
InterlockedDecrement
GetEnvironmentStrings
HeapCreate
InterlockedExchange
GetTickCount
GetStringTypeW
VirtualFree
WideCharToMultiByte
GetCommandLineA
LeaveCriticalSection
LCMapStringA
WriteFile
LCMapStringW
FreeEnvironmentStringsA
GetCurrentThreadId
TlsAlloc
UnhandledExceptionFilter
GetProcAddress
GetLastError
TlsSetValue
HeapFree
FreeEnvironmentStringsW
IsBadWritePtr
DebugBreak
InitializeCriticalSection
VirtualQuery
GetStdHandle
SetLastError
GetSystemTimeAsFileTime
GetVersion
GetCurrentProcessId
GetOEMCP
TlsFree
HeapReAlloc
RtlUnwind
ExitProcess
GetFileType
GetCurrentThread
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
SetHandleCount
GetModuleFileNameA

shell32

SHGetPathFromIDListA
InternalExtractIconListA

comdlg32

GetSaveFileNameA
ReplaceTextA
ReplaceTextW
GetOpenFileNameA
GetOpenFileNameW
FindTextW
GetFileTitleW
PageSetupDlgW
PrintDlgA
ChooseColorA
PageSetupDlgA
ChooseFontA

user32

GetDesktopWindow
SetLastErrorEx
SetClassLongW
GetKeyboardLayoutNameW
EnumDisplayMonitors
DialogBoxIndirectParamA
FindWindowExA
DestroyWindow
RegisterWindowMessageA
SendDlgItemMessageA
SetCaretBlinkTime
MessageBoxIndirectW
DdeConnect
DefDlgProcA
DialogBoxParamA

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a85a87d88e1f6ed73c43b4f6099a190

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

user32

Sections

.text Size: 112KB - Virtual size: 112KB

.data Size: 267KB - Virtual size: 295KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 112KB - Virtual size: 112KB

.data
Size: 267KB - Virtual size: 295KB

.rsrc
Size: 13KB - Virtual size: 12KB