3fc7dcaf808a5b9952908037db7c4717

Sharing

Copy URL Twitter E-mail

General

Target

3fc7dcaf808a5b9952908037db7c4717
Size

596KB
MD5

3fc7dcaf808a5b9952908037db7c4717
SHA1

2f21563757b45155117b7327ea1520743ee70bee
SHA256

f268a53ef7eb4ab14ef0e2709ea2e8c97c0153e49937cec4a1ff4242f86a33c0
SHA512

b1ac4a73006dacd1da433a41541fb3d6991ff635feb3b95b3a0b3f2eabf3d1b074eed0c2992dd54f7c946f92eec766a653da6459721731ee0d4c1b250efd25e9
SSDEEP

12288:o+cEz2se6VtWqD3F369ql2NOgtW9VfVx2n1WsxfMh/:o+c6tWqD3FqoEZtW9lIAsxfM9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fc7dcaf808a5b9952908037db7c4717

Files

3fc7dcaf808a5b9952908037db7c4717
.exe windows:4 windows x86 arch:x86

353ea77f68f25d2a868cba5137ab540c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindNextUrlCacheGroup

advapi32

GetUserNameA
RegLoadKeyA
RegSaveKeyA
RegDeleteValueA
RevertToSelf
RegQueryValueExW
CryptGetUserKey
LookupAccountSidA
CryptExportKey
CryptGenRandom
CryptSignHashA
DuplicateToken
CryptGetDefaultProviderW
RegEnumKeyW

kernel32

QueryPerformanceCounter
CompareStringA
GetComputerNameA
UnhandledExceptionFilter
ReadConsoleInputA
MoveFileExA
EnumResourceLanguagesW
GetPrivateProfileStringW
GetLogicalDriveStringsA
EnterCriticalSection
GetExitCodeProcess
SystemTimeToFileTime
WritePrivateProfileStringW
CloseHandle
HeapFree
EnumSystemLocalesW
GetTickCount
TlsAlloc
GetModuleFileNameA
RtlUnwind
SetEnvironmentVariableA
UnlockFileEx
HeapAlloc
GetLocalTime
DeleteCriticalSection
DebugBreak
SetStdHandle
SetHandleCount
FreeEnvironmentStringsW
EnumTimeFormatsW
IsBadWritePtr
GetModuleFileNameW
HeapReAlloc
TlsFree
GetProcAddress
InterlockedExchange
GetPrivateProfileIntW
LeaveCriticalSection
GetThreadPriority
GetCurrentProcessId
GetStdHandle
DeleteFiber
GlobalAddAtomA
OpenMutexA
TlsSetValue
VirtualAlloc
GetSystemTimeAsFileTime
ExitProcess
WriteProfileSectionA
GetStartupInfoA
InitializeCriticalSection
LoadLibraryA
lstrcpyW
FreeEnvironmentStringsA
TerminateProcess
SetLastError
AddAtomA
LCMapStringA
GetStartupInfoW
GetComputerNameW
ConvertDefaultLocale
CreateWaitableTimerW
GetTimeZoneInformation
UnmapViewOfFile
CreateMutexA
MapViewOfFileEx
CreateFileMappingW
GetVersion
WideCharToMultiByte
GetEnvironmentStrings
GetLastError
VirtualQuery
OpenWaitableTimerW
WaitCommEvent
GetCurrentProcess
HeapDestroy
GetStringTypeW
ReadConsoleW
DeleteFileA
CompareStringW
GetCommandLineA
GetFileType
LoadLibraryExA
ReadFile
SetFilePointer
TlsGetValue
LCMapStringW
OutputDebugStringW
GetEnvironmentStringsW
InterlockedDecrement
GetSystemTime
GetModuleHandleA
MultiByteToWideChar
VirtualFree
GetStringTypeA
GetCurrentThread
HeapCreate
FlushFileBuffers
GetCommandLineW
GetCPInfo
EnumResourceNamesA
GetFullPathNameA
InterlockedIncrement
WriteFile
CreateDirectoryExA
GetCurrentThreadId

user32

SetWinEventHook
ReleaseCapture
ShowWindow
RegisterClassA
OemToCharW
LoadMenuIndirectW
KillTimer
MessageBoxA
DestroyWindow
GetIconInfo
DefWindowProcW
DestroyCursor
RegisterClassExA
CreateWindowExA
CopyIcon
DlgDirSelectExW
GrayStringW
OpenInputDesktop
CharLowerBuffW
GetWindowTextLengthA
SetWindowsHookExA
SetParent
DdeQueryConvInfo

comctl32

CreateToolbar
DrawStatusTextW
GetEffectiveClientRect
ImageList_GetIconSize
ImageList_SetFlags
CreateUpDownControl
CreateToolbarEx
ImageList_AddMasked
ImageList_Destroy
InitCommonControlsEx
ImageList_GetImageCount
ImageList_GetImageInfo
CreateMappedBitmap
CreateStatusWindowA
ImageList_GetBkColor
CreatePropertySheetPage
ImageList_Duplicate
ImageList_SetImageCount
ImageList_Remove
DrawInsert
DrawStatusTextA
ImageList_SetDragCursorImage

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

353ea77f68f25d2a868cba5137ab540c

Headers

File Characteristics

Imports

wininet

advapi32

kernel32

user32

comctl32

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 248KB - Virtual size: 245KB

.data Size: 108KB - Virtual size: 131KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 248KB - Virtual size: 245KB

.data
Size: 108KB - Virtual size: 131KB

.rsrc
Size: 64KB - Virtual size: 60KB