c3ccb7f2ef03aa7b639820ad85e7432a

Sharing

Copy URL Twitter E-mail

General

Target

c3ccb7f2ef03aa7b639820ad85e7432a
Size

424KB
MD5

c3ccb7f2ef03aa7b639820ad85e7432a
SHA1

965f68a5ef7a640e1f584e0bb43eefa2023763df
SHA256

d640c7e7d29afb62bd61a82beac2f53584745a86c7ff1b48e8c196a1f8766880
SHA512

273bcd37297a07b61c0a93e21809570a2ef8b4c129b1b7c7dfe316ae7fcb0dace6eb2f9dd61ce96a6086a6848f11d841b27fd8c0435d7026269d182cd557a5d1
SSDEEP

12288:bhvnajb046X82EQnwFImqlyhkwpJ3yeopMaowUL:Z80JXEQwFIZlyhLJE+ae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3ccb7f2ef03aa7b639820ad85e7432a

Files

c3ccb7f2ef03aa7b639820ad85e7432a
.exe windows:4 windows x86 arch:x86

d59976a74afcc753375480a0df977f36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW
RealShellExecuteA
SHFileOperationA
FreeIconList

advapi32

CryptAcquireContextA
LogonUserW
RegReplaceKeyW
RegSetValueExA
CryptGenRandom
RegDeleteKeyW
ReportEventA
LookupAccountSidW
RegSetValueA

comdlg32

GetFileTitleA
ChooseFontW
ChooseColorW

kernel32

GetLocaleInfoA
HeapReAlloc
GetStartupInfoA
GetLastError
SetCriticalSectionSpinCount
InterlockedExchange
GetFileType
GetDiskFreeSpaceExA
VirtualQuery
TerminateProcess
OpenSemaphoreW
GetCurrentProcess
QueryPerformanceCounter
GetCurrentProcessId
WriteFile
GetFileAttributesA
DeleteCriticalSection
GetCurrentThread
HeapFree
GetUserDefaultLCID
HeapCreate
LCMapStringA
GetStringTypeA
ExitProcess
EnterCriticalSection
GetSystemTimeAsFileTime
RtlUnwind
VirtualFree
HeapDestroy
SetEnvironmentVariableA
GetVersionExA
UnhandledExceptionFilter
GetTickCount
SetLastError
TryEnterCriticalSection
GetPrivateProfileSectionNamesA
GetTimeZoneInformation
TlsSetValue
GetDateFormatA
MultiByteToWideChar
TlsGetValue
HeapAlloc
FreeEnvironmentStringsW
GetProcAddress
LCMapStringW
GetCPInfo
GetStartupInfoW
GetACP
GetOEMCP
VirtualProtect
GetModuleFileNameA
FindResourceW
GetCommandLineW
GetStdHandle
GetStringTypeW
GetTimeFormatA
TlsAlloc
GetLocaleInfoW
FreeResource
FreeEnvironmentStringsA
WideCharToMultiByte
GlobalAddAtomA
GetEnvironmentStringsW
IsValidCodePage
TlsFree
CompareStringA
InitializeCriticalSection
SetHandleCount
GetEnvironmentStrings
IsBadWritePtr
CompareStringW
GetCalendarInfoA
GetModuleFileNameW
GetCurrentThreadId
SetFileTime
GetModuleHandleA
VirtualAlloc
GetCommandLineA
HeapSize
EnumSystemLocalesA
ReadConsoleOutputA
IsValidLocale
GetSystemInfo
LeaveCriticalSection
LoadLibraryA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d59976a74afcc753375480a0df977f36

Headers

File Characteristics

Imports

shell32

advapi32

comdlg32

kernel32

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 7KB - Virtual size: 15KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 7KB - Virtual size: 15KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 9KB - Virtual size: 9KB