de3b3cb616d5b31881424cadbfb83471

General

Target

de3b3cb616d5b31881424cadbfb83471
Size

70KB
MD5

de3b3cb616d5b31881424cadbfb83471
SHA1

b6899c6e9d6213f99eff5bffedfa34efb493845f
SHA256

97a26f90155c9842488d45a35e5cf8f0a0326f620cd6e6044c372e95c8946137
SHA512

728e470d9b1f6ce0657b81e97d31f3dbaba503f89c01de34f1d2af18540e2298ffc4e10c81bf427f7fdd97c17f52848d8ec50e5d9c0c513bb468e27e0d3c6a97
SSDEEP

1536:8gfSzWSlHyAx/xxxLYwxxxxxxxxxxxxxxxxxxxxxxxxxxxxdiXoVxxxxxxxxxxx+:8g6quSSiYAPomP75nKn4IM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de3b3cb616d5b31881424cadbfb83471

Files

de3b3cb616d5b31881424cadbfb83471
.exe windows:4 windows x86 arch:x86

352f6c4ac64afd1e514dd9917cc65e65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ReadFile
TlsSetValue
CreateFileA
WideCharToMultiByte
GetStdHandle
CloseHandle
TlsGetValue
GetSystemTime
GetConsoleCommandHistoryA
EnterCriticalSection
WriteFile
SetFilePointer
GetFileSize
SetEndOfFile
DeleteFileA
WriteFile
FindResourceA
GetACP
LockResource
SetEndOfFile
GetCurrentProcess
Sleep
InterlockedExchange
GetVersionExA
GetExitCodeProcess
GetUserDefaultLangID
SetFilePointer
RemoveDirectoryA
SizeofResource
CreateDirectoryA
SetLastError
IsDBCSLeadByte
GetModuleFileNameA
GetSystemDefaultLCID
GetWindowsDirectoryA
GetLocaleInfoA
VirtualProtect
LoadResource
GetFileAttributesA
GetEnvironmentVariableA
VirtualQuery
SetErrorMode
GetFullPathNameA
GetFileSize
GetSystemInfo
FormatMessageA
CreateFileA
CreateProcessA
ReadFile
LoadLibraryA
CloseHandle

comctl32

InitCommonControls

advapi32

OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA

oleaut32

VariantClear
VariantCopyInd
VariantChangeTypeEx

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 52KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

352f6c4ac64afd1e514dd9917cc65e65

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

advapi32

oleaut32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 3KB

.edata Size: 52KB - Virtual size: 67KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 3KB

.edata
Size: 52KB - Virtual size: 67KB