b3f8123f70156d03fa9ceb7d2258b352

General

Target

b3f8123f70156d03fa9ceb7d2258b352
Size

180KB
MD5

b3f8123f70156d03fa9ceb7d2258b352
SHA1

fec2f3473f6f755a7021f75ebc37817a14be206a
SHA256

517093571f6a55b1f926d66b9fcbe6d813511a304fe7773788505ca287cf6cfd
SHA512

ca9d380cf7c86429bd6916eb6ba6e45fc84ffe07f1710b75cbc761e18214e6b5b7c434e8dc1440b02f43d6a84af476663c0e93a39f85f3b9158ac47dc39dce97
SSDEEP

3072:D2lTkI3Fr9/OnrdezUnnmWxXm3Sj1GIITRjnaM8I:aTr9/QnmImIP2aM8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3f8123f70156d03fa9ceb7d2258b352

Files

b3f8123f70156d03fa9ceb7d2258b352
.exe windows:4 windows x86 arch:x86

4e16e9a0c51eb101e1107b3b6e5e212a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHEnumValueA
SHSetValueA
StrStrIA
SHEnumKeyExA
SHGetValueA

rpcrt4

UuidToStringA

advapi32

RegSetValueExA
CryptReleaseContext
RegCreateKeyExA
OpenSCManagerA
RegOpenKeyExA
RegCloseKey
CryptAcquireContextA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
CryptGenRandom

ole32

CoCreateGuid
CoInitialize
CoCreateInstance

shell32

SHGetSpecialFolderPathA

user32

wsprintfA

msvcrt

tolower
free
time
memcmp
isupper
isxdigit
printf
strlen
??2@YAPAXI@Z
ispunct
isspace
isdigit
atoi
strncpy
wcscpy
mbstowcs
sprintf
srand
strerror
isalpha
fclose
fwrite
fopen
islower
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__mb_cur_max
malloc
wctomb
isgraph
rand
strcpy
strcat
memset
memcpy
isalnum

imagehlp

ImageNtHeader

kernel32

GetVersionExA
GetLocalTime
SleepEx
lstrlenA
GetModuleHandleA
ExitProcess
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
GetLastError
GetSystemDirectoryA
GetFileAttributesExA
CreateFileA
SetFileTime
CloseHandle
GetStartupInfoA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e16e9a0c51eb101e1107b3b6e5e212a

Headers

File Characteristics

Imports

shlwapi

rpcrt4

advapi32

ole32

shell32

user32

msvcrt

imagehlp

kernel32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 104KB - Virtual size: 101KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 104KB - Virtual size: 101KB