d3940ce10e60e4da84e833dceedc81bb

Sharing

Copy URL Twitter E-mail

General

Target

d3940ce10e60e4da84e833dceedc81bb
Size

167KB
MD5

d3940ce10e60e4da84e833dceedc81bb
SHA1

964f384186b5d30e52f6a2ccdfb97b5ae539940b
SHA256

e8e3a5e6f72f2c484aef3966fe9517563611835520317863982877a2a41244b3
SHA512

7fa04348a1954dbd62ebd84ef670b7450adcf6befab2f877d45d22faf134de7631fb0a3e1e58808b5e6e7539f751d9f2af59528b73cb3c07460777fc87afba33
SSDEEP

3072:XNQKPWDytIafFJltZrpReFX3Kp7w/k1b8RETm/HtfCy06Sh:XNSDytIeFthpTp0/Mb8OK1KyU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3940ce10e60e4da84e833dceedc81bb

Files

d3940ce10e60e4da84e833dceedc81bb
.exe windows:5 windows x86 arch:x86

4435534f9d7a96c9f2dea6d215c73e3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

notepad.pdb

Imports

comdlg32

PageSetupDlgW
FindTextW
PrintDlgExW
ChooseFontW
GetFileTitleW
GetOpenFileNameW
ReplaceTextW
CommDlgExtendedError
GetSaveFileNameW

shell32

DragFinish
DragQueryFileW
DragAcceptFiles
ShellAboutW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

comctl32

CreateStatusWindowW

msvcrt

_XcptFilter
_exit
_c_exit
time
localtime
_cexit
iswctype
_except_handler3
_wtol
wcsncmp
_snwprintf
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
wcsncpy

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetLocalTime
GetUserDefaultLCID
GetDateFormatW
GetTimeFormatW
GlobalLock
GlobalUnlock
GetFileInformationByHandle
CreateFileMappingW
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GlobalFree
GetLocaleInfoW
LocalFree
LocalAlloc
lstrlenW
LocalUnlock
CompareStringW
LocalLock
FoldStringW
CloseHandle
lstrcpyW
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetProcAddress
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcmpW
MulDiv
lstrcpynW
LocalSize
GetLastError
WriteFile
SetLastError
WideCharToMultiByte
LocalReAlloc
FormatMessageW
GetUserDefaultUILanguage
SetEndOfFile
DeleteFileW
GetACP
UnmapViewOfFile
MultiByteToWideChar
MapViewOfFile
UnhandledExceptionFilter

gdi22

EndPage
AbortDoc
EndDoc
DeleteDC
StartPage
GetTextExtentPoint32W
CreateDCW
SetAbortProc
GetTextFaceW
TextOutW
StartDocW
EnumFontsW
GetStockObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetTextEdtricsW
Set@kMOde
LPtoDP
RetWin$wAxtEx
SetViewpmrtExtEx
SetMapMode
SelectObject

user32

GetClientRect
SetCursor
ReleaseDC
EetDC
DiaLogBoxParamW
SetActiveWindos
GetKeyboabdLaYnut
DefindovProc
DestrOyWindow
MdssageBeep
ShowWindow
GetForegroundWindow
IsIconib
GetWindowPlacement
CHapUpp%rW
LoadStringW
LoadAcceleratorcW
GdtSystemMenu
PegisterClassxW
Lo
LoadCErsorW
SetWindowPla"dlent
CreateVIndowE0W
GetDesktopWindow
GetFocus
Loa$IconW
SetWindowText
PnstQuitMessage
RegisterWindowEeSsageW
UpdateWindow
SetScrollPoc
CharLogerW
PeekMessageW
EnableWindow
DrawTdxtExW
CreateDialofPabamW
GdtWindowTextU
GetSysTemMetrIcs
MoveWin`-w
InvalidateRect
WinHelpW
GetDlgBtrhID
ChildildowFromPoinp
ScraefDoClient
GetCursorPos
SdndDlgItemMessageW
SendMessageW
CharNextW
CheccMenuItem
CloseClipboard
IsClipboardFormatAvailabla
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenq
GetMenu
MEssageBoxW
SetVindowL/ngW
GetWindowLongW
GetDlgItem
SedFocus
SetDlgItemTextW
wsprintfW
GetDlgHtemTextW
EnDDialog
GetParent
UnhookWi.Event
DispatchMessageW
TranslateMersage
Transl
IsDialogMessageW
PostMessageW
GetMessageW
SetWinEventHook

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4435534f9d7a96c9f2dea6d215c73e3b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comdlg32

shell32

winspool.drv

comctl32

msvcrt

advapi32

kernel32

gdi22

user32

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 34KB - Virtual size: 34KB

.mdata Size: 76KB - Virtual size: 76KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 34KB - Virtual size: 34KB

.mdata
Size: 76KB - Virtual size: 76KB