3bc2c7cc924b87108429a7d64fdfe54f6804d158c853e5375e61cb4c871e2639

Sharing

Copy URL

Twitter E-mail

General

Target

3bc2c7cc924b87108429a7d64fdfe54f6804d158c853e5375e61cb4c871e2639
Size

1.6MB
MD5

ec6878849a30cad1ddb5ab3ff4921124
SHA1

0c1208b6d2e153352b8c4ccc345ff30281ab2af9
SHA256

3bc2c7cc924b87108429a7d64fdfe54f6804d158c853e5375e61cb4c871e2639
SHA512

773e7e196bec58000b626b0ea12adf300381ca324e0c70dc7e262da8d0a12b6c41fd673d78010886233888435a7d426fe1b9fe1f60546ac821992c067c120edb
SSDEEP

49152:EjHXDFsUDmgxgvW5WvyaA7u/bY/AGohDSl:Ej3DrDLADvtA7cxZI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc2c7cc924b87108429a7d64fdfe54f6804d158c853e5375e61cb4c871e2639

Files

3bc2c7cc924b87108429a7d64fdfe54f6804d158c853e5375e61cb4c871e2639
.dll windows:5 windows x86 arch:x86

5bf17d3419d69e660fc7a469a26db7c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DrawEdge
CreateDialogIndirectParamW
IsCharLowerA
ChangeMenuA
ShowWindowAsync
BeginDeferWindowPos
MessageBeep
GetGUIThreadInfo
DrawMenuBar
GetMenuDefaultItem
SetMenuItemInfoA

oleaut32

GetRecordInfoFromGuids

crypt32

CryptGetOIDFunctionAddress

wintrust

WTHelperGetProvCertFromChain

rpcrt4

RpcMgmtInqServerPrincNameW

kernel32

SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
TerminateProcess
EraseTape
GetExitCodeProcess
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetBinaryTypeA
DeleteAtom
GetLastError
IsProcessInJob
SetConsoleScreenBufferSize
GetSystemTimeAsFileTime
HeapUnlock
CloseHandle
CreateFileA
LoadLibraryW
ExitProcess
SetFilePointer
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
DeleteCriticalSection
Sleep
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
WideCharToMultiByte
RtlUnwind
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
VirtualFree
VirtualAlloc
WriteFile
LoadLibraryA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

ole32

CoUninitialize

advapi32

SetKernelObjectSecurity
RegOpenCurrentUser

gdi32

GetNearestPaletteIndex
SelectClipRgn
PatBlt
GetPixel
DeleteMetaFile
PolyDraw

shell32

SHOpenFolderAndSelectItems

powrprof

GetPwrCapabilities

Exports

Exports

HfnydnnetafseN

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bf17d3419d69e660fc7a469a26db7c2

Headers

File Characteristics

Imports

user32

oleaut32

crypt32

wintrust

rpcrt4

kernel32

ole32

advapi32

gdi32

shell32

powrprof

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 116KB - Virtual size: 123KB

.rsrc Size: 4KB - Virtual size: 1016B

.reloc Size: 20KB - Virtual size: 18KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 116KB - Virtual size: 123KB

.rsrc
Size: 4KB - Virtual size: 1016B

.reloc
Size: 20KB - Virtual size: 18KB