75cbf3c0cbeb09fb1f900d3b83d426e0

Sharing

Copy URL Twitter E-mail

General

Target

75cbf3c0cbeb09fb1f900d3b83d426e0
Size

92KB
MD5

75cbf3c0cbeb09fb1f900d3b83d426e0
SHA1

d2210918f3dc0d50327657574afd9d48bd45df57
SHA256

1ea3f907a71876035422b5d7f45c409bb2c1eeaf29e42f15cf556e42f980cf9e
SHA512

c1b1d4a6579e9ad98f3db3cbe70a15190949e34c7c360ee59e3ff4ca9ac5b28b2930f3527e73e95550e9a703fbd8b6d31a057e118b688709e9e64444c2abfb39
SSDEEP

1536:bpIZrC0/kOfpC7/XnlcEzrUuzEyH38xZox2SaQGWpTdhBLvpPr38SaCjUu:bpIZr//kOfpCTyWzcxZFDEhbPrMSaAUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75cbf3c0cbeb09fb1f900d3b83d426e0

Files

75cbf3c0cbeb09fb1f900d3b83d426e0
.exe windows:4 windows x86 arch:x86

395c3b940877345d1693796de1062668

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapUnlock
GetComputerNameA
FindNextVolumeMountPointA
ReadConsoleOutputA
InterlockedCompareExchange
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
GetVersionExA
GetEnvironmentStringsA
IsValidCodePage
RegisterWowExec
VDMOperationStarted
LCMapStringW
OpenConsoleW
DosDateTimeToFileTime
FreeEnvironmentStringsA
EnumResourceNamesW
WinExec
FoldStringW
SetEnvironmentVariableW
ReplaceFileW
GetDiskFreeSpaceW
GetLastError
VirtualProtect
GetNumberOfConsoleFonts
LocalLock
NlsConvertIntegerToString
SetEnvironmentVariableA
IsBadWritePtr
GetSystemDefaultLangID
PeekConsoleInputA
OutputDebugStringW
GetProcessIoCounters
SetMailslotInfo
GetLogicalDrives
GetConsoleOutputCP
IsBadStringPtrW

user32

SendDlgItemMessageW
LoadBitmapW
DestroyMenu
SetProgmanWindow
SetDebugErrorLevel
KillSystemTimer
GetDoubleClickTime
ReplyMessage
CreateMDIWindowW
SetDlgItemInt
TileWindows
wsprintfW
RegisterDeviceNotificationW
GetCursor
GetGuiResources
MessageBoxExW
EnumDisplayDevicesW
SetLayeredWindowAttributes
DdeSetUserHandle
GetDlgItemInt
DdeDisconnect
EnumDisplaySettingsA
SetSystemTimer
CallMsgFilterA
AdjustWindowRectEx

gdi32

EngPlgBlt
GetStockObject
GdiEntry1
GdiPlayScript
EngEraseSurface
CreatePatternBrush
EngTransparentBlt
CreateMetaFileA
EngLoadModule
GetROP2
GetEUDCTimeStampExW
EnumFontsA
PolylineTo
StrokeAndFillPath
ResetDCW
GdiAddFontResourceW
GdiGetLocalBrush
STROBJ_bGetAdvanceWidths
FONTOBJ_cGetAllGlyphHandles
GdiEntry6
GetPixel
CreateFontIndirectA
GdiIsPlayMetafileDC
GetMapMode

comdlg32

ReplaceTextW
Ssync_ANSI_UNICODE_Struct_For_WOW
LoadAlterBitmap
ChooseFontA
dwOKSubclass
CommDlgExtendedError
dwLBSubclass
PrintDlgW
PageSetupDlgW
GetOpenFileNameW
GetSaveFileNameA

Sections

.text
Size: 4KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

395c3b940877345d1693796de1062668

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 176KB

.data Size: 84KB - Virtual size: 84KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 176KB

.data
Size: 84KB - Virtual size: 84KB

.idata
Size: 3KB - Virtual size: 4KB