3f86fb5c7b7ba60f7601b5dfe0d0c733

Sharing

Copy URL Twitter E-mail

General

Target

3f86fb5c7b7ba60f7601b5dfe0d0c733
Size

326KB
MD5

3f86fb5c7b7ba60f7601b5dfe0d0c733
SHA1

8ac779545bd0308155a7d6dd9a088a6cf1bf64d8
SHA256

e55c4bee8457c450a66097c5a95ca3945f13fc23d4e6cc21141aba05675a8f58
SHA512

7405740cd4526ddfa01ecca25dbf9e38963f0c0aade08e06c5c99fc1d3f54fc48159d729f1df01a5ac60987ec6abbee54b6d08b3a25ceee9bc4c0497d75db1ef
SSDEEP

6144:yLQMMnMMMMMa4HBORl0VSyR6yF3+z8lBst94Ro625oMKIy6EOa0nYqF02IcOiNc5:vMMnMMMMMDBIl0Vhpg4CGM56CFOcOac5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f86fb5c7b7ba60f7601b5dfe0d0c733

Files

3f86fb5c7b7ba60f7601b5dfe0d0c733
.exe windows:4 windows x86 arch:x86

21364b4442b512c22868b85de38ae4c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamTestPrivateFunctionsUser
SamConnectWithCreds
SamiEncryptPasswords
SamRemoveMultipleMembersFromAlias

kernel32

FreeEnvironmentStringsA
GetTimeZoneInformation
ReleaseSemaphore
InterlockedDecrement
HeapFree
FindClose
ExitThread
GlobalDeleteAtom
GetCPInfo
RtlUnwind
SetStdHandle
GetACP
GetTickCount
GetCurrentProcess
FileTimeToSystemTime
GetModuleFileNameA
GetProcAddress
_lread
GetFileType
GetFullPathNameA
GetUserDefaultLangID
WaitForSingleObject
GetStdHandle
FlushFileBuffers
GetVersion
FindNextFileA
FreeResource
GetFileTime
FormatMessageW
GlobalFree
MulDiv
WinExec
GlobalSize
SetCurrentDirectoryA
HeapSize
LockResource
SetEndOfFile
IsBadReadPtr
LoadResource
TlsGetValue
GetCurrentDirectoryA
FindFirstFileA
GetModuleHandleA
SearchPathA
GetUserDefaultLCID
CompareStringW
GetDriveTypeA
ResetEvent
GetSystemDirectoryA
UnlockFile
GetStartupInfoA
SizeofResource
GetStringTypeExA
SetLastError
LCMapStringW
GetLocaleInfoA
lstrcmpiA
GetStringTypeA
FlushInstructionCache
RaiseException
InitializeCriticalSection
_lclose
InterlockedIncrement
MultiByteToWideChar
GetShortPathNameA
GetLocalTime
LoadLibraryExA
SystemTimeToFileTime
GlobalLock
RemoveDirectoryA
SetErrorMode
GetProfileStringA
GetSystemDefaultLangID
ReadFile
DeleteCriticalSection
SetEnvironmentVariableA
lstrcmpA
LCMapStringA
VirtualAlloc
CreateSemaphoreA
CreateEventA
TlsSetValue
GetCurrentThreadId
ExitProcess
GlobalUnlock
GetCommandLineA
EnterCriticalSection
lstrcpyA
TlsFree
GetSystemDefaultLCID
GetModuleFileNameW
DuplicateHandle
FindResourceA
IsDBCSLeadByte
SetFileAttributesA
SetLocalTime
lstrcpynA
GetStringTypeW
GetLastError
SetFilePointer
FreeEnvironmentStringsW
WideCharToMultiByte
GetTempFileNameA
lstrcmpiW
GlobalHandle
HeapAlloc
UnhandledExceptionFilter

ddraw

DirectDrawEnumerateA

msi

MsiConfigureFeatureA
MsiConfigureFeatureW
MsiAdvertiseProductA

mswsock

sethostname

user32

CallMsgFilterW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21364b4442b512c22868b85de38ae4c4

Headers

DLL Characteristics

File Characteristics

Imports

samlib

kernel32

ddraw

msi

mswsock

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 308KB - Virtual size: 307KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 696KB

.reloc Size: 512B - Virtual size: 72B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 308KB - Virtual size: 307KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 696KB

.reloc
Size: 512B - Virtual size: 72B