3eaf2943cb0ab76d6710e08cc5f10f1b17675c896f2c53db51d8ea8cf9468fca

Sharing

Copy URL Twitter E-mail

General

Target

3eaf2943cb0ab76d6710e08cc5f10f1b17675c896f2c53db51d8ea8cf9468fca
Size

92KB
MD5

d51d99b5a5c321f93ec9de0908830c71
SHA1

8f87bb945820320b4d7e9a01bd0a22907f312e2d
SHA256

3eaf2943cb0ab76d6710e08cc5f10f1b17675c896f2c53db51d8ea8cf9468fca
SHA512

536a0b74b5ba523c08434d73db22bf530ad6cde10632bd188baec4ae923835eb8e3c0265ff5d87f712ea356bf60014540fd797ca46bc35e5ffde73245cc7d16d
SSDEEP

1536:mpE3W+UdES9zMqTiMiUh3eSkQQVAWFdwT/ahYo1FkR+Z1gNzk:mp1RdES5733ekdC1FkR+/gu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eaf2943cb0ab76d6710e08cc5f10f1b17675c896f2c53db51d8ea8cf9468fca

Files

3eaf2943cb0ab76d6710e08cc5f10f1b17675c896f2c53db51d8ea8cf9468fca
.exe windows:4 windows x86 arch:x86

5b68b2a6ce422ef3c720241a889d5e25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetModuleHandleA
FreeLibrary
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
lstrcmpA
GetVersion
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
TerminateProcess
HeapFree
RtlUnwind
GetCurrentThreadId
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetUserDefaultLCID
CreateDirectoryA
GetLastError
lstrlenA
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemDirectoryA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiA
LoadLibraryA
LCMapStringW
GetFullPathNameA
GetModuleFileNameA
GetVolumeInformationA
HeapDestroy
GetProcAddress
DeleteFileA
FlushFileBuffers
SetFilePointer
WriteFile
lstrcpyA
GetCurrentProcess
EnterCriticalSection
lstrcatA
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
CloseHandle
FindClose
FindFirstFileA
lstrcpynA
LocalFree
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
HeapCreate
GetUserDefaultLangID
VirtualFree
LCMapStringA
SetCurrentDirectoryA

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
CopyRect
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
GetCapture
WinHelpA
GetMenu
GetSystemMetrics
CharUpperA
LoadStringA
LoadBitmapA
GetMenuCheckMarkDimensions

gdi32

CreateBitmap
SetTextColor
SetBkColor
GetClipBox
GetDeviceCaps
DeleteObject
GetObjectA
SaveDC
DeleteDC
SelectObject
GetStockObject
RestoreDC
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

comctl32

ord17

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b68b2a6ce422ef3c720241a889d5e25

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 8KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 8KB