3fd785ce00739954914f05c91e845e08

Sharing

Copy URL Twitter E-mail

General

Target

3fd785ce00739954914f05c91e845e08
Size

58KB
MD5

3fd785ce00739954914f05c91e845e08
SHA1

5f4f05a9163a1381f329c8c2643f8431852f4028
SHA256

22013a8d27314e3a677107eb1fe4789aafb925408f10ad3f90d812f91108846e
SHA512

5e2d62a228e6494a7b7abea136d61b023e2a61e51303864be9ea1c211374216930470a1b100c71b89f643f6b091c79eff2fe93f33b69ce6c14e614fdfd7e1fe7
SSDEEP

1536:HD2V5b9oFrtautYiy23UetnIDJX9oTnh/hFmE:HDub9ctaYkeniJcphs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd785ce00739954914f05c91e845e08

Files

3fd785ce00739954914f05c91e845e08
.dll windows:5 windows x86 arch:x86

b3f07ce92ae2dea11c0518f30f52aad9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iprtqcap

_LDscale
_Exp
_Tolower
_Inf
_FDscale
_LExp
_Hugeval
_Getctype
_LRteps
_LEps
_Strcoll
_LSnan
_FDnorm
_LSinh
_Xbig
_Cosh

kernel32

ReadFile
WaitForMultipleObjects
IsBadReadPtr
VirtualAlloc
lstrlenA
VirtualLock
lstrcpyA
GetModuleHandleA
GetPriorityClass
CloseHandle
FindFirstFileA
UnmapViewOfFile
CreatePipe
GlobalLock
WriteFile
lstrlenW
SetPriorityClass
VirtualFree
GlobalAlloc
VirtualQuery
TerminateProcess
SetFileAttributesA
SetEndOfFile
DeleteFileA
FindNextFileA
GetCurrentThread
CreateFileA
OutputDebugStringA
VirtualProtectEx
GetVersion
FindClose
CopyFileA
Sleep
WritePrivateProfileStructA
GetPrivateProfileStringA
MapViewOfFile
IsProcessorFeaturePresent
VirtualUnlock
SetCurrentDirectoryA
WaitForSingleObject
GetFileSize
GetStartupInfoA
GetModuleFileNameA
VirtualQueryEx
CreateFileMappingA
SetFilePointer
GlobalUnlock

comctl32

ImageList_Destroy

user32

LoadCursorA
SendMessageA
IsZoomed
EndDialog
wvsprintfA
GetParent
DestroyIcon
GetClipboardData
SetFocus
DestroyCursor
SetWindowLongA
SetClipboardData
GetDlgItem
ShowWindow
EnableWindow
GetClassInfoA
GetActiveWindow
CheckMenuRadioItem
GetAsyncKeyState
MoveWindow
SetWindowPos
SetClassLongA
GetCursorPos
IsIconic
SendDlgItemMessageA
SetMenuItemInfoA
GetWindowDC
ScreenToClient
CharLowerA
CharUpperA
OpenClipboard
EmptyClipboard
MessageBeep

msvcrt

gmtime
malloc
toupper
_timezone
realloc
strstr
free

gdi32

DeleteObject
SetTextColor

advapi32

LookupPrivilegeValueA
RegSetValueExA
AdjustTokenPrivileges
OpenProcessToken
RegCreateKeyExA

shell32

DragQueryFileA
DragAcceptFiles

imagehlp

BindImageEx
CheckSumMappedFile
ImageRvaToSection

Exports

Exports

CreateProcessNotify
memerif

Sections

.text
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3f07ce92ae2dea11c0518f30f52aad9

Headers

File Characteristics

Imports

iprtqcap

kernel32

comctl32

user32

msvcrt

gdi32

advapi32

shell32

imagehlp

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 52KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 49KB - Virtual size: 52KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB