a3cbe919b8f775616384a7c5204be1d1

Sharing

Copy URL Twitter E-mail

General

Target

a3cbe919b8f775616384a7c5204be1d1
Size

1.3MB
MD5

a3cbe919b8f775616384a7c5204be1d1
SHA1

a794b92d2ebc783438ff54681a1c51a9420e1a87
SHA256

cf8e98017d434469dc38c0df69015993d17ba34222a88419e40cb702ede65cff
SHA512

4c0041c6bbd87637199faf3b91480f681daaacc23f735464e5ba5a1520a0c729783fa788445a403516148ae806af28a742d4af9cf59064df7d75025d49ac6bd2
SSDEEP

24576:sYNT280xcqcdq3qUL6JvhXQCZFDQBshFHQhNDWnhLHK0RbQT3rMv:6cqcdq3qUL61ZQaAALqabe4v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3cbe919b8f775616384a7c5204be1d1

Files

a3cbe919b8f775616384a7c5204be1d1
.exe windows:5 windows x86 arch:x86

350b0ebd0296e8028d3ba95bef84c684

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Referenc\Release\bearings.pdb

Imports

kernel32

HeapSize
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
DeleteFileW
WideCharToMultiByte
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileAttributesExW
GetCurrentThreadId
LoadLibraryW
LoadLibraryExW
CreateThread
WaitForSingleObjectEx
HeapQueryInformation
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
SetEndOfFile
ReadFile
ReadConsoleW
FormatMessageA
LoadLibraryA
EnumResourceTypesA
EnumResourceNamesA
GetLastError
OutputDebugStringA
VirtualAlloc
lstrlenA
CreateEventA
WaitForSingleObject
LocalAlloc
GetCurrentProcess
GetProcessHeap
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
GetFileSize
SetFilePointer
WriteFile
OutputDebugStringW
GetSystemInfo
HeapValidate
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCommandLineA
AreFileApisANSI
GetProcAddress
MultiByteToWideChar
GetThreadLocale
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableA
GetFullPathNameA
CreateFileW
CloseHandle
GetDriveTypeW
WriteConsoleW
GetFileType
GetStdHandle
RaiseException
RtlUnwind
IsProcessorFeaturePresent
DecodePointer
EncodePointer
IsDebuggerPresent
GetModuleHandleExW
GetModuleFileNameW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement

user32

SetFocus
IsWindowEnabled
GetWindowTextW
MessageBoxW
UpdateWindow
GetWindowLongA
LoadStringW
LoadMenuA
SendMessageA
GetDlgItem
EnableWindow
SetWindowTextW
RegisterClassExA
InvalidateRect
GetCursorPos
SetWindowTextA
PostQuitMessage
GetDC
ReleaseDC
DispatchMessageA
TranslateMessage
CharLowerA
SetWindowLongA
ShowWindow
GetMessageA
GetWindowTextLengthA
DestroyWindow
CreateDialogParamA
MessageBoxA
DefMDIChildProcA
GetClipboardData
OemKeyScan
GetSysColor
SetCapture
SendDlgItemMessageA
GetScrollRange
LoadImageA
SetActiveWindow
GetClientRect
ClientToScreen
IsDialogMessageA

gdi32

GetTextExtentPoint32A
SetBkColor
TextOutA
ExcludeClipRect
SetStretchBltMode
StretchBlt
GetStockObject
SelectObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

advapi32

GetUserNameW
RegOpenKeyExA
AllocateAndInitializeSid
FreeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetFileSecurityA
OpenProcessToken
GetTokenInformation
CopySid
SetFileSecurityW
GetFileSecurityW
LookupAccountNameW
GetSecurityDescriptorDacl
AddAccessDeniedAce
GetAce
AddAce
IsValidAcl
IsValidSecurityDescriptor
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

StgOpenStorage
StgCreateDocfile

netapi32

NetApiBufferFree
NetShareGetInfo

userenv

UnloadUserProfile
CreateEnvironmentBlock
UnregisterGPNotification

msvfw32

ICCompressorChoose

msacm32

acmDriverOpen

winscard

SCardGetProviderIdW

msimg32

GradientFill

shlwapi

PathRemoveFileSpecW
PathAppendW
PathFindFileNameW
PathIsDirectoryW
PathCompactPathW

comctl32

ord17

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

dbghelp

SymEnumerateModules
SymEnumTypes
SymEnumerateSymbolsW

setupapi

SetupDiGetClassDevsA

rasapi32

RasGetConnectionStatistics

gdiplus

GdipDeleteGraphics
GdipFree
GdipDisposeImage
GdipSaveImageToFile
GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage

ws2_32

inet_addr
socket
connect

Sections

.text
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_o
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trace
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 879KB - Virtual size: 878KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

350b0ebd0296e8028d3ba95bef84c684

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

netapi32

userenv

msvfw32

msacm32

winscard

msimg32

shlwapi

comctl32

rpcrt4

dbghelp

setupapi

rasapi32

gdiplus

ws2_32

Sections

.text Size: 274KB - Virtual size: 274KB

.text1 Size: 512B - Virtual size: 416B

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 9KB - Virtual size: 18KB

.text Size: 6KB - Virtual size: 5KB

.data1 Size: 6KB - Virtual size: 5KB

.debug_o Size: 7KB - Virtual size: 6KB

.trace Size: 2KB - Virtual size: 2KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 879KB - Virtual size: 878KB

.text
Size: 274KB - Virtual size: 274KB

.text1
Size: 512B - Virtual size: 416B

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 9KB - Virtual size: 18KB

.text
Size: 6KB - Virtual size: 5KB

.data1
Size: 6KB - Virtual size: 5KB

.debug_o
Size: 7KB - Virtual size: 6KB

.trace
Size: 2KB - Virtual size: 2KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 879KB - Virtual size: 878KB