Static task
static1
Behavioral task
behavioral1
Sample
b3ebd6998888be25f3cf7b94a7d7cbb2.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b3ebd6998888be25f3cf7b94a7d7cbb2.exe
Resource
win10v2004-20240226-en
General
Target
b3ebd6998888be25f3cf7b94a7d7cbb2
Size
165KB
MD5
b3ebd6998888be25f3cf7b94a7d7cbb2
SHA1
14d53beab715498ba4e54dfd697c772668135b44
SHA256
09edae2e34831186bd30b17a53e3804be86020b176361abdd83d15388f831c7d
SHA512
895e9402024977413fd82d6beb034d424e9c63c7bf7ef4a248c002ea23fc5a3b1d111b0abb9823d1321e82f7319ec4be53c2935f844ddb4b74183017ad26a5fa
SSDEEP
3072:QuUPLNa+npncvFVb5VYWruTb5npjcb7q2VCQLQGuJ:aL0+npncvTbjCjjcb7I
Malware Config
Signatures
Unsigned PE 1 IoCs
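Checks for a missing Authenticode signature; this PE file is unsigned. On its own this is a weak indicator, since many legitimate programs are also unsigned, so weigh it together with the other findings.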
resource b3ebd6998888be25f3cf7b94a7d7cbb2
Files
b3ebd6998888be25f3cf7b94a7d7cbb2.exe windows:4 windows x86 arch:x86
f7c6d8635cbb5f72b0894195da27d1cb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileAttributesA
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
CompareStringA
WriteConsoleA
GetCommandLineW
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
UnmapViewOfFile
MapViewOfFile
CreateFileA
ReadFile
WriteFile
GetFileSize
SetEndOfFile
CloseHandle
lstrcpyA
FindResourceA
FindResourceW
LoadResource
SizeofResource
FreeResource
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
CreateThread
GetCurrentThreadId
ResumeThread
ExitThread
TerminateThread
IsValidCodePage
CopyFileA
SetThreadLocale
GetLocaleInfoA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FileTimeToDosDateTime
SetThreadPriority
IsDBCSLeadByte
GetTempPathW
VirtualAlloc
WritePrivateProfileStringA
TlsAlloc
TlsGetValue
TlsFree
LockResource
IsBadWritePtr
GetTempPathA
RemoveDirectoryA
GetACP
CreateEventA
CreateEventW
SetEvent
ResetEvent
FreeEnvironmentStringsW
EnumCalendarInfoA
FormatMessageA
CreateMutexA
ReleaseMutex
GetModuleHandleA
lstrcmpiW
GetStringTypeExA
FreeEnvironmentStringsA
TlsSetValue
GetShortPathNameA
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedIncrement
CreateFileMappingA
OpenProcess
GetSystemTimeAsFileTime
GetThreadLocale
LocalFree
WaitForSingleObject
LoadLibraryA
LoadLibraryW
LoadLibraryExA
GetProcAddress
SetFileAttributesW
CompareFileTime
DeviceIoControl
InterlockedDecrement
GetTimeZoneInformation
FindFirstFileA
FindNextFileA
GetOEMCP
GetVersionExW
GetStringTypeW
FileTimeToSystemTime
GetFileTime
RaiseException
GetFileType
RtlUnwind
MultiByteToWideChar
GetModuleFileNameA
GetSystemInfo
TerminateProcess
lstrcatA
LoadLibraryExW
VirtualProtect
MulDiv
GetStdHandle
FlushFileBuffers
SetHandleCount
GetStringTypeA
ExitProcess
GetSystemDirectoryW
LocalFileTimeToFileTime
lstrlenW
GetDateFormatA
GlobalLock
GetSystemDefaultLCID
GetModuleFileNameW
SetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetEnvironmentStringsW
CreateProcessA
GetLocalTime
GetConsoleMode
GetEnvironmentStrings
IsBadReadPtr
GetLastError
GetCurrentThread
GetExitCodeThread
GetVersionExA
GetCurrentProcessId
CreateProcessW
lstrcpynA
msvcrt
rewind
strerror
_wcsupr
_fullpath
localeconv
__lc_codepage
isleadbyte
_snprintf
_wfopen
_filelengthi64
_acmdln
abort
wcslen
_c_exit
realloc
setlocale
_mkdir
_wtol
strcat
fread
calloc
_vsnprintf
tolower
strrchr
_XcptFilter
_unlink
_getpid
_snwprintf
_cexit
atol
wcsrchr
_read
_mbsrchr
clearerr
__mb_cur_max
_lock
_mktemp
fclose
_pctype
malloc
_open_osfhandle
wcscmp
__badioinfo
_stat
iswctype
_wcsicmp
rename
_initterm
_close
wcstoul
_beginthreadex
memcpy
ftell
_putenv
_strnicmp
strncmp
_getcwd
srand
_adjust_fdiv
sprintf
fgets
bsearch
remove
__p__environ
_wcslwr
strchr
signal
_itoa
towupper
_flsbuf
swprintf
isspace
strpbrk
floor
ctime
_ismbblead
__set_app_type
strcspn
sscanf
atexit
wcstombs
_chmod
__getmainargs
strtol
_purecall
fgetpos
wcscat
_except_handler3
_ultoa
ungetc
__dllonexit
fsetpos
getenv
strtok
strtoul
__pioinfo
wcscspn
wcsncmp
printf
sqrt
vsprintf
_CIpow
log
wcsstr
__p__fmode
gmtime
longjmp
_open
fputc
fopen
_mbscmp
_setjmp3
_umask
_dup
_exit
wcsncpy
_errno
towlower
strstr
_fstat
__p___initenv
atof
_controlfp
toupper
rand
_unlock
_strcmpi
fgetc
_pipe
free
ceil
wcschr
_wtoi
_ftol
strlen
isdigit
fseek
clock
fflush
_filbuf
fputs
_CIsqrt
_vsnwprintf
fwrite
qsort
memmove
_kbhit
localtime
_iob
__p__commode
pow
_get_osfhandle
_fdopen
memset
putchar
exit
_setjmp
_lseeki64
_assert
memcmp
_strdup
wctomb
strcmp
__initenv
_dup2
_strlwr
_amsg_exit
_fileno
perror
iswspace
_isatty
puts
_wcsnicmp
_mbsicmp
__setusermatherr
sin
strspn
_isctype
iswdigit
atoi
swscanf
_lseek
strncat
_getch
fprintf
_osver
time
_itow
_onexit
_utime
memchr
strcpy
cos
wcstol
user32
RegisterClassA
IsRectEmpty
SendMessageA
SetClassLongA
RegisterWindowMessageA
DrawFrameControl
GetCapture
CloseClipboard
GetFocus
WindowFromPoint
GetSysColor
AdjustWindowRectEx
GetActiveWindow
CreateWindowExA
EnumWindows
IsZoomed
ShowCursor
SetScrollInfo
SendDlgItemMessageA
SetForegroundWindow
RegisterClipboardFormatA
SetActiveWindow
OffsetRect
InsertMenuA
TrackPopupMenu
SetWindowPlacement
SetClipboardData
SetPropA
PtInRect
SetCapture
GetLastActivePopup
BeginPaint
MapWindowPoints
LoadBitmapA
GetWindowRect
EndDialog
EnableMenuItem
GetForegroundWindow
DrawIcon
DrawTextA
CreateMenu
GetClientRect
DispatchMessageA
InflateRect
GetKeyboardType
GetScrollRange
InvalidateRect
GetWindowPlacement
RedrawWindow
SetWindowTextA
DrawMenuBar
DeleteMenu
GetSysColorBrush
GetMenuState
ShowWindow
ScrollWindow
LoadIconA
FindWindowA
UnregisterClassA
GetParent
GetScrollPos
SystemParametersInfoA
UnhookWindowsHookEx
wsprintfA
DefWindowProcA
SetWindowLongA
GetScrollInfo
GetSystemMenu
GetCursorPos
EndPaint
CheckMenuItem
GetDlgItem
GetPropA
CallWindowProcA
GetTopWindow
GetClassInfoA
GetWindowLongA
EnumThreadWindows
GetMessageA
SetRect
ClientToScreen
GetDesktopWindow
SetCursor
CharNextA
ScreenToClient
SetTimer
GetWindowThreadProcessId
SetFocus
InsertMenuItemA
FrameRect
DrawIconEx
GetWindowTextA
SetScrollRange
MessageBoxA
CreatePopupMenu
LoadCursorA
GetMenu
KillTimer
GetMenuStringA
IntersectRect
GetMenuItemCount
CharLowerA
GetWindow
GetKeyState
GetIconInfo
EnableWindow
IsWindow
RemoveMenu
GetSystemMetrics
IsChild
DrawEdge
OemToCharA
PeekMessageA
GetDCEx
GetDC
CallNextHookEx
DialogBoxParamA
SetMenu
OpenClipboard
EqualRect
GetMessagePos
GetMenuItemID
ReleaseDC
IsIconic
FillRect
DestroyCursor
PostQuitMessage
ReleaseCapture
IsDialogMessageA
EmptyClipboard
DestroyMenu
RemovePropA
GetSubMenu
DestroyWindow
PostMessageA
IsWindowEnabled
GetClassNameA
WaitMessage
SetScrollPos
LoadStringA
Sections
.text Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
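.rsrc Size: 20KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: a resource section is normally initialized, read-only data. Here .rsrc is also marked as code, executable and writable, and its virtual size exceeds its raw size. That combination is atypical for compiler output and may indicate a packed or modified binary, so this section deserves closer inspection during triage.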