3fff0c801cdf99b43f2ef86a41ad680a

General

Target

3fff0c801cdf99b43f2ef86a41ad680a
Size

20KB
MD5

3fff0c801cdf99b43f2ef86a41ad680a
SHA1

c4f66de007d9828e6a0d035a2a75b3f3ae2aee77
SHA256

6de9023e94bbd4c7910cafd69c1123f0cfb0a786d1661f81f114b981c0700b7f
SHA512

57c04d842a70d6b1769fbd17394f87162e86d0c69e398c8969546647c7156a0c11a1b657e089c633b59759ec592b6158fe387bfef40c522e368c3d8a79dd243c
SSDEEP

192:kSGl93PCjsWbim/lg47kGb7zz1ZoZVEVgGtNl61oyon40Tsc64:2v3BWbim/O47iybh61qnFTn64

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fff0c801cdf99b43f2ef86a41ad680a

Files

3fff0c801cdf99b43f2ef86a41ad680a
.exe windows:4 windows x86 arch:x86

47e6bcbc85b2b2e91db3152110a28b48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5186
ord354
ord2393
ord6010
ord1979
ord6385
ord2764
ord3811
ord924
ord665
ord1988
ord690
ord6883
ord801
ord541
ord926
ord858
ord5572
ord825
ord535
ord540
ord2818
ord823
ord2915
ord537
ord860
ord3337
ord5207
ord389
ord800

msvcrt

exit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_acmdln
_controlfp
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_mbscmp
sprintf
__CxxFrameHandler
?terminate@@YAXXZ
_except_handler3
_initterm

kernel32

Sleep
GetTickCount
CreateMutexA
CopyFileA
GetSystemDirectoryA
GetModuleFileNameA
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
WriteProfileStringA
GetProfileIntA
GetModuleHandleA
GetStartupInfoA

user32

SetClipboardData
EmptyClipboard
OpenClipboard
CloseClipboard
FindWindowExA
GetWindowTextA
SetForegroundWindow
keybd_event
ShowWindow
GetActiveWindow
GetForegroundWindow

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyA

shell32

ShellExecuteA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

47e6bcbc85b2b2e91db3152110a28b48

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shell32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 980B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 980B