3f9411b34307b6a41687ceee862be4e2

Sharing

Copy URL Twitter E-mail

General

Target

3f9411b34307b6a41687ceee862be4e2
Size

406KB
MD5

3f9411b34307b6a41687ceee862be4e2
SHA1

d2d1b617137a59b937c570d8205e07b7feacabed
SHA256

e26d152f886fd64e57e88501c9e5b087c6573e0f997845b6ee18bc0955689342
SHA512

c84835e23689b8daca7131d5f5fa69ce48c2d2ba423e035b488cc78cf7e13c849758cb56581ac065ee3a5e6171ca05dacee2a66d10b791dae7a06f9bb159a870
SSDEEP

12288:PRE5uCXEW3mk+oQ17woyu7w38guufvIYYNza:P8E4mk+oQ1Bh7tufvIYca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f9411b34307b6a41687ceee862be4e2

Files

3f9411b34307b6a41687ceee862be4e2
.exe windows:4 windows x86 arch:x86

757944eabb3ebf9e368fcfae98d6f0e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGenKey

comdlg32

GetSaveFileNameW
PageSetupDlgA
ReplaceTextW
ChooseColorW
GetSaveFileNameA
GetFileTitleW

shell32

RealShellExecuteExW
CommandLineToArgvW
DoEnvironmentSubstW
SheChangeDirExW
ShellExecuteW
SHQueryRecycleBinW
SHFormatDrive
SHGetDiskFreeSpaceA
SHUpdateRecycleBinIcon
SHGetDataFromIDListW
ExtractIconEx
DragQueryFileA
SHGetNewLinkInfo
ShellAboutA
ExtractAssociatedIconW
ExtractAssociatedIconExW
SHInvokePrinterCommandA
ShellExecuteExA
SHGetFileInfoW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
SheChangeDirA
FindExecutableW

gdi32

OffsetViewportOrgEx
PlayEnhMetaFile
LineDDA
CreateDIBitmap
GetRasterizerCaps
GetColorSpace
CreatePolyPolygonRgn
SetWinMetaFileBits
GetPixelFormat
GetEnhMetaFileHeader
CreateBitmap
SetTextCharacterExtra

kernel32

EnumSystemLocalesA
TerminateProcess
DeleteCriticalSection
RtlUnwind
CompareStringA
IsValidCodePage
SetThreadPriority
GetTimeFormatA
LoadLibraryA
GetLocaleInfoW
GetStartupInfoA
TlsAlloc
LCMapStringA
TlsFree
VirtualFree
UnhandledExceptionFilter
GetUserDefaultLCID
LCMapStringW
GetStringTypeA
HeapReAlloc
ExitProcess
GetCPInfo
FindNextFileW
GetCurrentProcessId
EnumResourceLanguagesA
GetModuleFileNameA
HeapDestroy
HeapSize
QueryPerformanceCounter
EnterCriticalSection
GetACP
GetVersionExA
SetLastError
GetCurrentThreadId
GetProcAddress
GetModuleFileNameW
GetSystemInfo
GetPrivateProfileSectionA
GetCommandLineA
GetEnvironmentStringsW
VirtualProtect
GetTickCount
GetStartupInfoW
FreeEnvironmentStringsW
CompareStringW
GetDateFormatA
HeapCreate
LeaveCriticalSection
GetModuleHandleA
GetLastError
GetFileType
MultiByteToWideChar
SetHandleCount
TlsSetValue
SetEnvironmentVariableA
VirtualAlloc
GetStringTypeW
MapViewOfFileEx
GetCurrentProcess
GetCommandLineW
HeapAlloc
InterlockedExchange
TlsGetValue
IsValidLocale
WriteFile
GetSystemTimeAsFileTime
HeapFree
InitializeCriticalSection
GetLocaleInfoA
GetOEMCP
GetEnvironmentStrings
GetStdHandle
VirtualQuery
GetCurrentThread
IsBadWritePtr
GetTimeZoneInformation
FreeEnvironmentStringsA
WideCharToMultiByte

wininet

GopherOpenFileW
FtpCommandA
FtpRemoveDirectoryW
InternetCombineUrlW
InternetCanonicalizeUrlA
InternetLockRequestFile
InternetFindNextFileW
InternetOpenUrlW
InternetAttemptConnect
SetUrlCacheEntryGroupA
InternetTimeFromSystemTimeA
RunOnceUrlCache
SetUrlCacheHeaderData
FtpDeleteFileW
FtpGetFileA
UnlockUrlCacheEntryFile
InternetSetDialState
IsUrlCacheEntryExpiredW
FtpCreateDirectoryA

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

757944eabb3ebf9e368fcfae98d6f0e6

Headers

File Characteristics

Imports

advapi32

comdlg32

shell32

gdi32

kernel32

wininet

Sections

.text Size: 124KB - Virtual size: 124KB

.data Size: 271KB - Virtual size: 270KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 271KB - Virtual size: 270KB

.rsrc
Size: 10KB - Virtual size: 9KB