c3c2839c335951b276460cfdabc832b8

Sharing

Copy URL Twitter E-mail

General

Target

c3c2839c335951b276460cfdabc832b8
Size

612KB
MD5

c3c2839c335951b276460cfdabc832b8
SHA1

a84c41ad83e94c9b985844301820edeca1eaad72
SHA256

68ef496c278246a2dbd8973006d993b76d460ae5d44094b10a72faece1056797
SHA512

e3eed543e3557e5459f7d4f0a6fca1266cff781ecf36578bfafc64fd71727248134ab494663e5e6381d86d6f2ed96fff8a248563786fccb53aacebeb98067d05
SSDEEP

12288:FyTl3Y40Fc9MYzeYL0v/vsDrYke7Wv3erv8UkoIjRZ6e+SCH3m/xwD:FghyFc9Mceq03k/jv3VUkouVM3MY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3c2839c335951b276460cfdabc832b8

Files

c3c2839c335951b276460cfdabc832b8
.exe windows:4 windows x86 arch:x86

547d8021b35f5973016f690214034eae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\aeobeenm\etzsra\fjeoovekwo\ava\ent.pdb

Imports

shell32

DragQueryFileW
InternalExtractIconListW

user32

IsZoomed
RegisterClassA
DdeCmpStringHandles
RegisterClipboardFormatW
GetWindowModuleFileNameA
DdeCreateDataHandle
GetMenuItemInfoA
OemToCharBuffW
GetPropW
DdeInitializeW
MessageBoxExA
ValidateRgn
DialogBoxIndirectParamA
DispatchMessageA
InSendMessage
IsWindowEnabled
IsCharAlphaW
LoadAcceleratorsW
CreateMDIWindowW
GetKeyboardLayoutNameA
EnableWindow
MapWindowPoints
InSendMessageEx
AppendMenuW
CharLowerA
OpenDesktopW
IsCharUpperW
EnumPropsW
LoadIconA
VkKeyScanW
CallWindowProcW
CharLowerBuffW
ImpersonateDdeClientWindow
DdeFreeStringHandle
GetUserObjectInformationW
TrackMouseEvent
SetMenuItemBitmaps
GetDCEx
CreateIconFromResource
DefWindowProcA
VkKeyScanExW
CountClipboardFormats
BeginDeferWindowPos
SetWindowsHookExW
GetSubMenu
RegisterClassExA
LoadMenuIndirectA
DdeDisconnect
DdeInitializeA
SwitchDesktop
ChangeMenuA
ChildWindowFromPoint
IsDialogMessageA
EnumPropsExW
CascadeWindows
WINNLSGetEnableStatus
MessageBoxA
IsMenu
CopyAcceleratorTableA
SetKeyboardState
SetWindowLongW
PeekMessageA
AnyPopup
InsertMenuItemW

wininet

GetUrlCacheEntryInfoExW
InternetGetConnectedStateEx
InternetSetFilePointer
FtpPutFileA
FtpOpenFileA
InternetCombineUrlW
FreeUrlCacheSpaceA
InternetOpenUrlW
InternetDial

comdlg32

GetFileTitleA
PrintDlgA

gdi32

UnrealizeObject
SetDIBitsToDevice
PlayEnhMetaFileRecord

kernel32

GetStringTypeA
GetComputerNameW
SetConsoleCtrlHandler
GetOEMCP
GetModuleHandleA
GetCurrentProcess
GetStartupInfoA
FreeLibraryAndExitThread
CreateMutexA
lstrcpynA
GetCurrentThread
GetLocaleInfoW
GlobalSize
TlsSetValue
GetTickCount
HeapFree
LCMapStringA
CloseHandle
InitializeCriticalSection
GetCalendarInfoA
SetFileAttributesA
GetVersionExA
GetSystemDefaultLangID
CreateFileA
GetUserDefaultLCID
GetCommandLineA
LocalFree
ReadFile
SetConsoleTextAttribute
AddAtomA
LoadLibraryA
SetFilePointer
InterlockedIncrement
EnumSystemCodePagesW
GetConsoleMode
TlsGetValue
ReleaseMutex
GetTempFileNameA
GetTimeFormatA
WideCharToMultiByte
GetLocaleInfoA
GetLastError
WritePrivateProfileStringA
ReadConsoleA
GetCPInfo
LeaveCriticalSection
TlsFree
GetTimeZoneInformation
GetAtomNameW
HeapCreate
GetCurrencyFormatW
DeleteAtom
GlobalAlloc
GetStringTypeW
CreateWaitableTimerW
FreeEnvironmentStringsA
GetStdHandle
WritePrivateProfileStructA
IsDebuggerPresent
PulseEvent
CompareStringA
VirtualProtectEx
SetEnvironmentVariableA
GetProcAddress
DeleteCriticalSection
WriteConsoleOutputAttribute
GetCurrentProcessId
IsValidLocale
GetStartupInfoW
VirtualFree
GetCurrentThreadId
UnhandledExceptionFilter
GetModuleFileNameW
WriteProfileSectionW
HeapReAlloc
GetConsoleOutputCP
FreeEnvironmentStringsW
EnumResourceNamesA
GetDateFormatA
SetEnvironmentVariableW
GetEnvironmentStrings
VirtualQuery
EnumSystemLocalesW
CreateMailslotA
GetSystemTimeAsFileTime
EnumResourceLanguagesW
QueryPerformanceCounter
OpenMutexA
Sleep
SetHandleCount
GetFileType
FreeLibrary
IsValidCodePage
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
WriteConsoleOutputCharacterA
GetModuleFileNameA
GetACP
WriteFile
OpenWaitableTimerA
SetStdHandle
VirtualAlloc
WriteConsoleOutputCharacterW
TlsAlloc
MultiByteToWideChar
ExitProcess
GetEnvironmentStringsW
EnumSystemLocalesA
SetLocaleInfoW
WriteConsoleW
OpenWaitableTimerW
GetConsoleCP
GetCommandLineW
InterlockedDecrement
GlobalFindAtomW
FlushFileBuffers
HeapSize
FindNextFileA
TerminateProcess
EnterCriticalSection
CreateDirectoryA
GetProcessShutdownParameters
CompareStringW
HeapDestroy
HeapAlloc
GetProcessHeap
InterlockedExchange
WriteConsoleA
LCMapStringW
VirtualLock

comctl32

ImageList_Draw
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetImageInfo
DrawStatusTextW
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_GetFlags
ImageList_SetImageCount
ImageList_Remove
InitCommonControlsEx
CreateMappedBitmap
ImageList_DragLeave
CreateStatusWindowA
ImageList_Destroy
ImageList_SetOverlayImage
ImageList_DragMove

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

547d8021b35f5973016f690214034eae

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

wininet

comdlg32

gdi32

kernel32

comctl32

Sections

.text Size: 220KB - Virtual size: 219KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 116KB - Virtual size: 146KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 220KB - Virtual size: 219KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 116KB - Virtual size: 146KB

.rsrc
Size: 12KB - Virtual size: 9KB