c3394e78bf2924e09a2a1fd5ef2cb306

Sharing

Copy URL Twitter E-mail

General

Target

c3394e78bf2924e09a2a1fd5ef2cb306
Size

186KB
MD5

c3394e78bf2924e09a2a1fd5ef2cb306
SHA1

4b00f91f17320e3df2daed3206284d5b0754b455
SHA256

ec84c1bad1c4db8eba92e0011fb830a5a151be18f7dc426dd1144f1918130d63
SHA512

a34d66f1edd04452d0dacfbba6b6af63747472e771c7624749a807e888b3de4c30a8a5feeee60611f3eff0dc85e1e50e15345c8e20bfe279c584c5f00fbf7b0b
SSDEEP

3072:IDxRQ7p+huB8RHWFwLyV5AtSRr79X1aameMnBMtX9EJUvKXY9LvfufHBt2i+RbG+:ID3Q7shuB8R2F3d9XM79mX9DvPc72iTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3394e78bf2924e09a2a1fd5ef2cb306

Files

c3394e78bf2924e09a2a1fd5ef2cb306
.exe windows:4 windows x86 arch:x86

45b530cb3edb9aec3f55ab5a7135d7a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegSetValueExW
RegQueryValueW
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetClassInfoExW
CharNextW
SetRect
MessageBeep
WinHelpW
InvalidateRect
CopyAcceleratorTableW
IsRectEmpty
CharUpperW
InvalidateRgn
RegisterWindowMessageW
CreateWindowExW
GetNextDlgTabItem
SetPropW
RemovePropW
SendDlgItemMessageA
GetNextDlgGroupItem
GetPropW
GetClassLongW
DestroyMenu

shlwapi

PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathIsUNCW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

ScaleWindowExtEx
GetStockObject
SelectObject
GetMapMode
SetWindowExtEx
TextOutW
ExtSelectClipRgn
ScaleViewportExtEx
GetDeviceCaps
DeleteDC
ExtTextOutW
GetBkColor
RectVisible
PtVisible
SetViewportOrgEx
Escape
GetTextColor
OffsetViewportOrgEx
GetRgnBox

ole32

CoInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleUninitialize
CoRetireServer
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleInitialize
CoUninitialize
OleFlushClipboard
CoTaskMemFree
CoGetClassObject
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoRegisterMessageFilter
CLSIDFromString

kernel32

GetCalendarInfoW
ConvertDefaultLocale
GetLocaleInfoW
FindNextFileW
DeleteFileW
GetCurrentDirectoryW
FindClose
SetFilePointer
InterlockedDecrement
lstrcpyW
CreateDirectoryW
MoveFileW
WideCharToMultiByte
CreateFileW
ReadFile
LoadLibraryW
GetCurrentProcessId
SystemTimeToFileTime
EnumResourceNamesA
SetFileTime
WriteFile
ExitProcess
FindFirstFileW
MultiByteToWideChar
RemoveDirectoryW
GetVersion
GetSystemDefaultLangID
GetFileAttributesW
EnumResourceLanguagesW
LocalFileTimeToFileTime
GetModuleFileNameW
GetProcAddress

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45b530cb3edb9aec3f55ab5a7135d7a0

Headers

File Characteristics

Imports

advapi32

oleacc

user32

shlwapi

shell32

gdi32

ole32

kernel32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 72KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 72KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 240KB