3f99780244912ed5fb08c0c346cf4ed9

General

Target

3f99780244912ed5fb08c0c346cf4ed9
Size

187KB
MD5

3f99780244912ed5fb08c0c346cf4ed9
SHA1

b3d366590eb5b6698569b1e475127766ec6a53e8
SHA256

442425ba1e8f7a5e7976a6df1e51e7d31404eced10862dff50e1bf1c54ca9468
SHA512

9121fabe046fcf7e43675a4d78ddb4aef664ae4d3f08a2fe6e03a671094c3d4ece68dba78edc7a62ee903a023fa3148889a9c3d614f60924dc3ed625bedf8613
SSDEEP

3072:QLUzaDbxo5fnwjG6DONI0hP5MlMaXdemqEazFqVJj05hALmsGDaicLNkMjzt+ckZ:GUzaXxqd4T0iMhmqZqQhALmsBihP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f99780244912ed5fb08c0c346cf4ed9

Files

3f99780244912ed5fb08c0c346cf4ed9
.exe windows:4 windows x86 arch:x86

a30c2e96422c3e32ea35ee8f8206918a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

ole32

CLSIDFromString
CoTaskMemFree
CoCreateInstance
StgCreateDocfile

shlwapi

PathAddBackslashA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

comdlg32

ChooseFontA
GetOpenFileNameA

kernel32

LCMapStringW
HeapAlloc
InterlockedDecrement
IsBadReadPtr
AddAtomA
GetCurrentProcess
InitializeCriticalSection
SetFilePointer
GetSystemTimeAsFileTime
SetStdHandle
IsBadCodePtr
InterlockedIncrement
RaiseException
EnumResourceNamesA
GetCurrentThreadId
LCMapStringA
GetModuleHandleA
IsDBCSLeadByteEx
DeleteCriticalSection
FlushInstructionCache
GetStringTypeA
GetCurrentProcessId
CloseHandle
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
LoadLibraryExA
FlushFileBuffers
GetLastError
SizeofResource

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyA
RegEnumValueA
RegCreateKeyExA
RegQueryValueExA

gdi32

CreateFontIndirectA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a30c2e96422c3e32ea35ee8f8206918a

Headers

File Characteristics

Imports

shell32

ole32

shlwapi

setupapi

comdlg32

kernel32

advapi32

gdi32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 87KB - Virtual size: 87KB

.reloc Size: 1024B - Virtual size: 136KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 87KB - Virtual size: 87KB

.reloc
Size: 1024B - Virtual size: 136KB