c3409e7ddd8c63c2f207611e14c9edb2

General

Target

c3409e7ddd8c63c2f207611e14c9edb2
Size

180KB
MD5

c3409e7ddd8c63c2f207611e14c9edb2
SHA1

7ffeda7c0e5e72d540d75cd919eb13157bee54f0
SHA256

712699c445a3a65a0378a64c4b92694b92dfe03a0c19ab15c73b0dac132a4ef8
SHA512

3efd85f8c2f7fe132792e5a57ec0e978b25a00ea71663a5e7c8898242471b59f66808a8403c04778320c3c297f84e9f8b3381ac9f7538aa33f68271f563a4aa2
SSDEEP

3072:grdANB7GYkGjFyFFEoh92oqlSNlxmnUDi/kqdA2n3QTNgq/pEEXJUW6mNfl5OYTw:gn/onUmDKQ3CpBEMJUW6mPwYTw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3409e7ddd8c63c2f207611e14c9edb2

Files

c3409e7ddd8c63c2f207611e14c9edb2
.exe windows:4 windows x86 arch:x86

01176566320f02447f1d48f2fbdab9e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHEnumKeyExA
SHGetValueA
SHEnumValueA
StrStrIA
SHSetValueA

advapi32

StartServiceA
CreateServiceA
OpenSCManagerA
DeleteService
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
OpenServiceA

shell32

SHGetSpecialFolderPathA

rpcrt4

UuidToStringA

user32

wsprintfA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

msvcrt

malloc
__mb_cur_max
isupper
strerror
isspace
isalpha
wctomb
memset
strcat
strcpy
strncpy
rand
wcscpy
mbstowcs
sprintf
srand
time
atoi
free
fwrite
fclose
fopen
memcmp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
isgraph
isxdigit
isalnum
tolower
strlen
printf
??2@YAPAXI@Z
islower
memcpy
ispunct

imagehlp

ImageNtHeader

kernel32

GetLastError
GetModuleHandleA
GetFileAttributesExA
SetFileTime
lstrlenA
CreateFileA
GetSystemDirectoryA
SleepEx
GetLocalTime
ExitProcess
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
GetStartupInfoA
GetVersionExA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

01176566320f02447f1d48f2fbdab9e5

Headers

File Characteristics

Imports

shlwapi

advapi32

shell32

rpcrt4

user32

ole32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 108KB - Virtual size: 105KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 108KB - Virtual size: 105KB