a3bb5a9df8bfa1c9eb553a0f2cb6e4b1

Sharing

Copy URL Twitter E-mail

General

Target

a3bb5a9df8bfa1c9eb553a0f2cb6e4b1
Size

416KB
MD5

a3bb5a9df8bfa1c9eb553a0f2cb6e4b1
SHA1

37f4fac34011fef41f4f0a6896cc0ddefe7ce2c8
SHA256

2344a3e435a1ba3678c34bb068b349a5c139d51eba66ee07179af032f272feb1
SHA512

5991e89b17d4fc28d285a3a6b97154470991f03745a9ae1d16d569020f870cfd52e8e554ee5db8b495ef0090199177550bf1cf4fc0c332cd23b041074c912b8c
SSDEEP

12288:uk7o8EbtEGM2UD5rDYIaDkyCD7vygDJC2n:u6of7M2UVeDkyCfy4Bn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3bb5a9df8bfa1c9eb553a0f2cb6e4b1

Files

a3bb5a9df8bfa1c9eb553a0f2cb6e4b1
.exe windows:4 windows x86 arch:x86

ef1c7fbe3737845a2d2c511f201c7459

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDesktopA
DialogBoxParamW
SetSystemCursor
GetCursorInfo
EnumDisplaySettingsA
GetLastActivePopup
DdeConnect
ReuseDDElParam
DdeFreeStringHandle
GetSystemMenu
DdeDisconnectList
EnableScrollBar
EnumDesktopsA
ShowWindow
LoadImageW
EnumDesktopWindows
DrawStateA
DdeImpersonateClient
GetComboBoxInfo

wininet

InternetShowSecurityInfoByURLA
FtpSetCurrentDirectoryW
DeleteUrlCacheGroup
FtpGetCurrentDirectoryA

kernel32

VirtualQuery
CompareStringW
GetStringTypeA
GetLocaleInfoA
GetTickCount
GetStartupInfoA
IsValidLocale
HeapAlloc
GetLastError
GetStringTypeW
InterlockedExchange
GetUserDefaultLCID
GetSystemTimeAdjustment
LCMapStringA
GetLocaleInfoW
RtlUnwind
UnhandledExceptionFilter
WriteFile
GetProcAddress
MultiByteToWideChar
HeapCreate
TlsSetValue
GetACP
GetCurrentProcess
GetEnvironmentStringsW
GetSystemInfo
HeapFree
HeapDestroy
GetCPInfo
VirtualProtect
GetCurrentThread
GetCommandLineA
GetDateFormatA
GetOEMCP
GetCommandLineW
TlsAlloc
GetSystemTimeAsFileTime
GetStdHandle
VirtualAlloc
InitializeCriticalSection
FreeEnvironmentStringsA
GetTimeZoneInformation
QueryPerformanceCounter
VirtualFree
LeaveCriticalSection
LCMapStringW
TlsGetValue
GetModuleHandleA
HeapReAlloc
GetModuleFileNameW
EnterCriticalSection
GetEnvironmentStrings
WideCharToMultiByte
TlsFree
GetFileType
ExitProcess
GetTimeFormatA
GetVersionExA
GetStartupInfoW
LoadLibraryA
GetCurrentThreadId
SetEnvironmentVariableA
GlobalFree
RaiseException
SetHandleCount
EnumSystemLocalesA
IsValidCodePage
FreeEnvironmentStringsW
HeapSize
GetModuleFileNameA
GetCurrentProcessId
SetLastError
DeleteCriticalSection
CompareStringA
IsBadWritePtr
TerminateProcess

comdlg32

PageSetupDlgA
GetFileTitleW
ChooseFontA
PageSetupDlgW

gdi32

SelectClipRgn

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef1c7fbe3737845a2d2c511f201c7459

Headers

File Characteristics

Imports

user32

wininet

kernel32

comdlg32

gdi32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 7KB - Virtual size: 29KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 7KB - Virtual size: 29KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 11KB - Virtual size: 10KB