c3f0ea46dab20b090178c0cf781f377a

Sharing

Copy URL

Twitter E-mail

General

Target

c3f0ea46dab20b090178c0cf781f377a
Size

472KB
MD5

c3f0ea46dab20b090178c0cf781f377a
SHA1

7948660fcccaa3ad543529bebcfb7571d67e73ad
SHA256

40a55204b8a6bfc492ec705bd28c270b83a5140dcdcfa55a795aac0ccdddfbde
SHA512

93fabef7f0b68c4365cab54a0926bc2bc94a9c21b70cb51651a443d1a53fffb051860223e0b560d7620da60d7758485ecf73910b9c8308dfaa722c6382269618
SSDEEP

6144:+joacqH8GEvFJxtod2K6Lr9PVjcLOJSWtAXFLYgJv7TxOyLPXYfekP/OcF:+saGGKxtzKyrUiSWtqK87TxOya3O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3f0ea46dab20b090178c0cf781f377a

Files

c3f0ea46dab20b090178c0cf781f377a
.exe windows:4 windows x86 arch:x86

0864c714a66dfd2429be081144b197c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\lkoketme\oee\avcalv\vecrqkk.PDB

Imports

user32

DlgDirListComboBoxW
RegisterClassA
RegisterClassExA

shell32

ShellExecuteExA
FindExecutableW

wininet

SetUrlCacheEntryGroup
InternetCrackUrlW
SetUrlCacheConfigInfoW
FtpGetCurrentDirectoryW

gdi32

GetNearestColor
DPtoLP
SetTextJustification
SetFontEnumeration
StartPage
ExcludeClipRect
PlayMetaFileRecord
GetObjectW
DeleteDC
OffsetRgn
GetClipRgn
GetTextMetricsA
CreateDCW
SetViewportExtEx
GetDeviceCaps
SetBrushOrgEx
SelectObject
PolyDraw
GetRegionData

kernel32

GetCurrentThreadId
WideCharToMultiByte
CreateMutexA
TlsFree
EnterCriticalSection
GetModuleFileNameA
CompareStringA
RtlUnwind
QueryPerformanceCounter
LCMapStringW
VirtualFree
GetUserDefaultLCID
TlsGetValue
ReadFile
IsBadWritePtr
DeleteCriticalSection
GetStdHandle
OpenMutexA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetCurrentProcessId
GetVersion
UnhandledExceptionFilter
GetModuleHandleA
FindNextChangeNotification
GetEnvironmentStrings
HeapReAlloc
MultiByteToWideChar
GetTickCount
TlsSetValue
LCMapStringA
GetACP
SetStdHandle
WriteFile
GetCurrentThread
GetTimeZoneInformation
SetEnvironmentVariableA
HeapAlloc
TlsAlloc
ExitProcess
GetStringTypeW
GetCommandLineA
GetCPInfo
VirtualQuery
InterlockedDecrement
GetSystemTime
GetOEMCP
HeapFree
HeapCreate
GetProcAddress
InterlockedExchange
GetLastError
CloseHandle
CompareStringW
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
TerminateProcess
HeapDestroy
SetLastError
LoadModule
InitializeCriticalSection
GetStartupInfoA
InterlockedIncrement
GetFileType
VirtualAlloc
GetLocalTime
LeaveCriticalSection
GetCurrentProcess
LoadLibraryA
SetFilePointer
SetHandleCount
FlushFileBuffers

comctl32

ImageList_SetFilter
ImageList_AddIcon
ImageList_GetIcon
ImageList_Create
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_Replace
ImageList_GetDragImage
DrawStatusTextA
MakeDragList
DrawStatusText
ImageList_GetBkColor
ImageList_SetFlags
CreateStatusWindowW
CreatePropertySheetPageA
ImageList_EndDrag
ImageList_GetFlags
ImageList_GetImageRect
InitCommonControlsEx
ImageList_Destroy

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 199KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0864c714a66dfd2429be081144b197c1

Headers

File Characteristics

PDB Paths

Imports

user32

shell32

wininet

gdi32

kernel32

comctl32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 199KB - Virtual size: 210KB

.data Size: 111KB - Virtual size: 111KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 199KB - Virtual size: 210KB

.data
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 19KB - Virtual size: 18KB