3fe28fba34d8d33c93982100ea3d6093

Sharing

Copy URL Twitter E-mail

General

Target

3fe28fba34d8d33c93982100ea3d6093
Size

473KB
MD5

3fe28fba34d8d33c93982100ea3d6093
SHA1

01e123bde77f16e132de437d2ee59afe0da26c06
SHA256

a3842a8b2bbb5ac150774db12f408a7cfcd7c10840f823a5d73287b1fed14f3b
SHA512

045eebffb615b26b0ff121da53d1d275dec52017e4c1176da278b7bb3f963af543db56ed669b7d8c829e2767cc812185da8294000d0339c81da1771640702300
SSDEEP

12288:xuxbXf2md9I7r4ZNM9SqRxhZdhgAuB4TgT7vl:MxbXC7reSouhZdqAc7v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fe28fba34d8d33c93982100ea3d6093

Files

3fe28fba34d8d33c93982100ea3d6093
.exe windows:4 windows x86 arch:x86

2e94087585fa8eca61b88280bb362cf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountNameW
AbortSystemShutdownW
RegOpenKeyA
RegQueryInfoKeyA
LogonUserA
RegReplaceKeyA
GetUserNameA
LogonUserW
RegConnectRegistryW
CryptDuplicateKey
CryptGetProvParam
RegNotifyChangeKeyValue
RegOpenKeyExA
CryptGetHashParam
RegEnumKeyW
CryptDuplicateHash
LookupPrivilegeNameW
RegQueryValueA

shell32

ShellAboutA
CheckEscapesW
SHGetInstanceExplorer

comctl32

InitCommonControlsEx

wininet

InternetDialW
FtpPutFileA

user32

GetNextDlgGroupItem
ReuseDDElParam
SetDlgItemInt
AppendMenuW
LookupIconIdFromDirectory
DdeUnaccessData
GetQueueStatus
LoadAcceleratorsA
DdeImpersonateClient
RegisterClassExA
VkKeyScanExW
GetMessagePos
RegisterClassA
CallMsgFilterW
MessageBeep
AdjustWindowRectEx
ShowCursor
SetWindowRgn
WINNLSGetEnableStatus
OemKeyScan
DdeFreeStringHandle
DrawStateW
GetProcessWindowStation
SetWindowLongA
GetTabbedTextExtentW
LoadCursorA
KillTimer

kernel32

SetEnvironmentVariableA
GetCPInfo
FreeEnvironmentStringsW
GetLastError
TlsGetValue
GetModuleFileNameA
GetCommandLineW
InterlockedExchange
SetFilePointer
CompareStringW
WideCharToMultiByte
LoadLibraryA
FreeEnvironmentStringsA
ExitProcess
HeapFree
GetModuleFileNameW
HeapCreate
CommConfigDialogA
FindResourceExA
FindResourceW
EnumSystemLocalesA
GetUserDefaultLCID
GetProcAddress
SetLastError
GetTickCount
GetCurrentThreadId
GetStartupInfoW
EnterCriticalSection
GetStartupInfoA
GetCurrentProcess
GetFileTime
FoldStringW
WriteConsoleA
GetLocaleInfoA
CompareStringA
RtlUnwind
GetACP
VirtualProtect
FlushInstructionCache
DeleteCriticalSection
HeapDestroy
MultiByteToWideChar
GetSystemInfo
InitializeCriticalSection
LeaveCriticalSection
IsBadWritePtr
SetStdHandle
VirtualFree
UnhandledExceptionFilter
CloseHandle
CreateMutexA
GetEnvironmentStrings
LCMapStringW
HeapAlloc
HeapSize
GetSystemTimeAsFileTime
GetFileType
GetPrivateProfileStructW
lstrcmpiA
WriteFile
IsValidLocale
GetVersionExA
TlsAlloc
GetStringTypeW
GetSystemTime
OpenMutexA
GetCommandLineA
FlushFileBuffers
IsValidCodePage
VirtualAlloc
TlsFree
GetTimeZoneInformation
TlsSetValue
SetHandleCount
GetCurrentProcessId
GetEnvironmentStringsW
GetLocaleInfoW
HeapReAlloc
ReadFile
QueryPerformanceCounter
TerminateProcess
GetOEMCP
GetStdHandle
VirtualQuery
GetCurrentThread
LCMapStringA
GetStringTypeA
GetVersion
CreateMutexW
GetDateFormatA
GetTimeFormatA
GetModuleHandleA

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e94087585fa8eca61b88280bb362cf1

Headers

File Characteristics

Imports

advapi32

shell32

comctl32

wininet

user32

kernel32

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 9KB - Virtual size: 19KB

.data Size: 309KB - Virtual size: 308KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 9KB - Virtual size: 19KB

.data
Size: 309KB - Virtual size: 308KB

.rsrc
Size: 10KB - Virtual size: 10KB