f3af94e70e5712c13002f5594d5fabd881d4e71f5fab045b3eb919104d8a1f9f

Sharing

Copy URL Twitter E-mail

General

Target

f3af94e70e5712c13002f5594d5fabd881d4e71f5fab045b3eb919104d8a1f9f
Size

218KB
MD5

81067f5127687da5f2df775fa3581c79
SHA1

93de94fb9b558d0eb2c7ade76ce8f484cad493f9
SHA256

f3af94e70e5712c13002f5594d5fabd881d4e71f5fab045b3eb919104d8a1f9f
SHA512

f0cb46da3b4bb2960dbbcb511b1d54306b72a3648cef9329802e7bc227aec7a715adbb1428c570add0c5c4a9c752d07fc1427d699e0e8559fc355d065804dac2
SSDEEP

3072:9/6iFCmrarBDwqQmjL8uvfRZIZiBglYxxoJFoVO6VQMfR0shvcKNRhRD:9SiFC33Nvfoi0GGJFsO6VvxVRh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3af94e70e5712c13002f5594d5fabd881d4e71f5fab045b3eb919104d8a1f9f

Files

f3af94e70e5712c13002f5594d5fabd881d4e71f5fab045b3eb919104d8a1f9f
.dll windows:4 windows x86 arch:x86

58ae6dcc9d015ce28a7b85ae68d87a29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetThreadLocale
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
lstrcpynA
EnterCriticalSection
LeaveCriticalSection
FormatMessageA

user32

GetClientRect
CreateDialogParamA
DestroyWindow
GetWindowLongA
SetWindowLongA
ShowWindow
SetTimer
CheckDlgButton
SendDlgItemMessageA
GetDlgItemTextA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItem
SendMessageA
DefWindowProcA
InvalidateRect
EndPaint
DrawTextA
FillRect
BeginPaint
GetAsyncKeyState
LoadImageA
RegisterWindowMessageA
LoadCursorA
RegisterClassA
UnregisterClassA
KillTimer
GetCapture
GetParent
GetSysColor
SetFocus
SetCapture
ReleaseCapture

gdi32

SetBkMode
DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleDC
BitBlt
SetTextColor
CreateSolidBrush
CreateFontIndirectA
LineTo
MoveToEx
CreatePen
RoundRect
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
GetObjectA
CreateCompatibleBitmap
GetTextColor
DeleteObject

msvcrt

__CxxFrameHandler
memset
memcpy
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_snprintf
_purecall
??2@YAPAXI@Z
atof
floor
memmove
realloc
malloc
free
_stricmp
??3@YAXPAX@Z
sprintf

Exports

Exports

main

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58ae6dcc9d015ce28a7b85ae68d87a29

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 138KB - Virtual size: 137KB

.text1 Size: 1KB - Virtual size: 1KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 5KB - Virtual size: 6KB

.data1 Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 138KB - Virtual size: 137KB

.text1
Size: 1KB - Virtual size: 1KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 5KB - Virtual size: 6KB

.data1
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 11KB - Virtual size: 11KB