3faac73276df5bacb1d8b4a5cc00dd72

Sharing

Copy URL Twitter E-mail

General

Target

3faac73276df5bacb1d8b4a5cc00dd72
Size

416KB
MD5

3faac73276df5bacb1d8b4a5cc00dd72
SHA1

3df10d7ea3b5c93ec371cc677c7de057b7c75200
SHA256

d00477736ef36085f957fed79bec006b5b5ed0199a7d06ea80375a8d44677ce5
SHA512

ceb3823072b764a52d443a6698b7d8ee256d83ab85a5664c718b4a43313a62704ce7291c6008c8d2dcc41015f30025d5e0145501a87e94aa3aaf789ffce26126
SSDEEP

12288:kKcZsDiTdyCBsGE1/ykdofH0ZDNUEpt2y+E46Z2HH7z:Z4V9sGE1JaiDNzd+g2Hb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3faac73276df5bacb1d8b4a5cc00dd72

Files

3faac73276df5bacb1d8b4a5cc00dd72
.exe windows:4 windows x86 arch:x86

992614a3420e288976bbeb049587810a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDuplicateHash
CryptHashSessionKey
RegRestoreKeyW
InitializeSecurityDescriptor
LookupPrivilegeValueW
RegSetValueW
LookupPrivilegeNameW
RegOpenKeyExW
CryptSetKeyParam
CryptEnumProviderTypesW
CryptDeriveKey
RegCloseKey
CryptSetProviderExW
CryptGetDefaultProviderW
RegReplaceKeyA
ReportEventA
InitiateSystemShutdownW
CryptSignHashW
DuplicateTokenEx
CryptImportKey
RegQueryInfoKeyA

wininet

DeleteUrlCacheContainerA
HttpAddRequestHeadersW
InternetConfirmZoneCrossing
FtpDeleteFileA

gdi32

AddFontResourceA
CreateColorSpaceA
PlayMetaFileRecord
GetWindowExtEx
CreateFontW
SetWindowExtEx
CloseMetaFile
GetLogColorSpaceA
GetWorldTransform
GetEnhMetaFileA
GetColorAdjustment

user32

GetMenuItemInfoW
GetWindowTextLengthW
OemToCharBuffW
EndMenu
DialogBoxParamA
GetClassInfoExA
GetSubMenu
UnregisterClassW
GetFocus
GetMessageTime
SetForegroundWindow
MonitorFromWindow

kernel32

HeapCreate
GetModuleFileNameA
HeapFree
lstrcmp
LoadLibraryA
GetCurrentProcess
TlsFree
GetCurrentThreadId
lstrlen
InterlockedExchange
GetLastError
OpenWaitableTimerA
LCMapStringW
ExitProcess
OpenEventA
DeleteCriticalSection
QueryPerformanceCounter
GetStringTypeA
SetLastError
MultiByteToWideChar
FindFirstFileExA
GetCommandLineA
GetProcAddress
HeapReAlloc
LCMapStringA
VirtualFree
GetStdHandle
GetEnvironmentStringsW
TlsAlloc
GlobalFlags
VirtualUnlock
GetOEMCP
VirtualFreeEx
SetConsoleCursorInfo
VirtualAlloc
SetHandleCount
TerminateProcess
ConvertDefaultLocale
GetNamedPipeHandleStateW
GetCurrencyFormatA
FlushInstructionCache
GetStartupInfoA
CreatePipe
IsBadWritePtr
EnumSystemCodePagesW
LocalFree
GetCurrentProcessId
GetModuleHandleA
FreeEnvironmentStringsW
GetEnvironmentVariableA
FreeEnvironmentStringsA
InitializeCriticalSection
LocalLock
RtlUnwind
TlsSetValue
ReleaseSemaphore
CreateFileMappingW
GetTickCount
GetCPInfo
WriteFile
HeapDestroy
GetEnvironmentStrings
SetConsoleCursorPosition
VirtualQuery
ExitThread
GetACP
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
WideCharToMultiByte
GetProcessHeaps
UnlockFile
TlsGetValue
GetCurrentThread
GetStringTypeW
GetVersion
GetFileType
HeapAlloc
UnhandledExceptionFilter

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 302KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

992614a3420e288976bbeb049587810a

Headers

File Characteristics

Imports

advapi32

wininet

gdi32

user32

kernel32

Sections

.text Size: 105KB - Virtual size: 105KB

.data Size: 302KB - Virtual size: 325KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 105KB - Virtual size: 105KB

.data
Size: 302KB - Virtual size: 325KB

.rsrc
Size: 8KB - Virtual size: 7KB