a3368bb0317aad954a0049d2496e36a2

Sharing

Copy URL

Twitter E-mail

General

Target

a3368bb0317aad954a0049d2496e36a2
Size

148KB
MD5

a3368bb0317aad954a0049d2496e36a2
SHA1

493097b2ee9488423f15eb02101365ed57d52656
SHA256

c73d851c5e9cbfe8b6d5491fb4d184ac41309abb04f2b7aff160e071bed79eb5
SHA512

d04d067134b041b9992b26d0f95cf9d90529975a29e3c81570375529b60705e9fb7fc5857b612bd6af1855bf40afa3280db5ef4903c5cc73308ac63a83b6affe
SSDEEP

3072:RYhFL0638oao61rnJauJXJOZX7cuhznWc3wFVRLEwRQxk:aGX1rJaS5OFbWYwRLE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3368bb0317aad954a0049d2496e36a2

Files

a3368bb0317aad954a0049d2496e36a2
.exe windows:5 windows x86 arch:x86

ee39a4fdf379ddc54210a3e8799bacd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

wcsncpy
__getmainargs
_mbsicmp
_except_handler3
__p__fmode
fsetpos
_adjust_fdiv
_isctype
strerror
strcspn
__setusermatherr
strcpy
__p__commode
swprintf
_initterm
_XcptFilter
_controlfp
vsprintf
exit
bsearch
log
_acmdln
__set_app_type

kernel32

GetThreadLocale
SetLastError
DuplicateHandle
GetModuleHandleA
GetSystemDirectoryW
GetStartupInfoA
MoveFileA
GetShortPathNameA
VirtualProtect
GetExitCodeProcess

advapi32

GetSecurityDescriptorDacl
GetTokenInformation
RegEnumKeyA
IsValidSid
RegQueryValueExW
RegFlushKey
RegEnumKeyExW
DeleteService
QueryServiceStatus
RegOpenKeyExW
RegOpenKeyA
RegOpenKeyExA

gdi32

TextOutW
Rectangle
ExtFloodFill
Arc
StartDocA
CreateEllipticRgn
SetTextColor
OffsetViewportOrgEx
GetCharWidthW
GetCurrentObject

shell32

ExtractIconA
SHGetFileInfo
SHGetFolderPathW
ExtractIconExA
SHGetDesktopFolder
SHCreateDirectoryExA

version

VerInstallFileW
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoSizeW
VerLanguageNameA
VerInstallFileA
GetFileVersionInfoA
VerFindFileW

ole32

CoTaskMemAlloc
DoDragDrop
CoTaskMemFree
OleRun
CoCreateInstance
OleIsCurrentClipboard
CreateItemMoniker
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoRegisterMessageFilter
CLSIDFromString

user32

GetFocus
GetSystemMetrics
PeekMessageA
GetMenu
RemovePropA
CheckMenuItem
CharNextA
DestroyWindow
SetWindowPlacement
EqualRect
SystemParametersInfoA

oleaut32

SysStringByteLen
SysReAllocStringLen
SysFreeString
VariantInit
SafeArrayPutElement
GetActiveObject
SafeArrayUnaccessData

comctl32

InitializeFlatSB
InitCommonControlsEx
ImageList_GetIcon
ImageList_LoadImageA
InitCommonControls
ImageList_SetIconSize
ImageList_DrawEx

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee39a4fdf379ddc54210a3e8799bacd6

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

gdi32

shell32

version

ole32

user32

oleaut32

comctl32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 112KB - Virtual size: 112KB