3936be928662f93eb0cda07a9e64fcd4

Sharing

Copy URL Twitter E-mail

General

Target

3936be928662f93eb0cda07a9e64fcd4
Size

185KB
MD5

3936be928662f93eb0cda07a9e64fcd4
SHA1

5ffd74798a3fb44077458b0b097cfd99d6ebbcaa
SHA256

02e09ff458efe742f1ac595633a87103cc175b2542b372b5a74eedc5d7bb507b
SHA512

90dd42653f44bdf3e845d88d55c37890388c77f5d76227b912d7183b813e7f9243f06b7e05dd09cf5bc282fa8cdc4eef893cb5df1f20e0248cbd3a9856944b87
SSDEEP

3072:i0jVFtNLuwB4TaVZ2289CBhqPm8vibyUGPCoW/CqCrp78PnrfRrs/Gpf/Pg:i0jVTNLluaVZT89CBhqH0z9Crp6lrs/m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3936be928662f93eb0cda07a9e64fcd4

Files

3936be928662f93eb0cda07a9e64fcd4
.exe windows:4 windows x86 arch:x86

8efaeac163453d1571431134cbca2cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
MoveFileA
GetShortPathNameA
GetPrivateProfileStringA
GetVersionExA
WriteFile
GetTempPathA
ReadFile
GetFileInformationByHandle
GetFullPathNameA
GetWindowsDirectoryA
SetFileAttributesA
DeleteFileA
RemoveDirectoryA
LocalAlloc
LocalLock
GetPrivateProfileSectionNamesA
SetCurrentDirectoryA
WritePrivateProfileStringA
LocalUnlock
CreateFileA
CompareStringW
CloseHandle
LoadLibraryA
GetStringTypeW
CompareStringA
SetStdHandle
IsBadCodePtr
GetStringTypeA
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
SetFilePointer
FlushFileBuffers
VirtualAlloc
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetProcAddress
lstrcpyA
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
CopyFileA
GetCurrentDirectoryA
SetEnvironmentVariableA
HeapAlloc
lstrlenA
GetProcessHeap
HeapFree
GetFileAttributesA
GetLastError
FindNextFileA
HeapReAlloc
LCMapStringW
LCMapStringA
SetEndOfFile
FindFirstFileA
LocalFree
FindClose
GetPrivateProfileSectionA
CreateDirectoryA
GetCommandLineA

user32

SystemParametersInfoA
GetIconInfo
EndDialog
GetWindowTextA
GetWindowLongA
SetWindowTextA
GetDlgItem
SetWindowLongA
SendMessageA
MessageBoxA
SendDlgItemMessageA
EnableWindow
wsprintfA
DialogBoxParamA
DestroyWindow
SetCursor
LoadCursorA
SetCapture
CreateDialogParamA
GetSystemMetrics
GetDesktopWindow
IsDlgButtonChecked
LockWindowUpdate
CheckDlgButton
GetDlgItemTextA
GetParent
DrawTextA
GetDlgItemInt
InvalidateRect
SetDlgItemInt
PostMessageA
LoadBitmapA
UpdateWindow
MoveWindow
ShowWindow
GetClientRect
SetDlgItemTextA
LoadCursorFromFileA
BeginPaint
EndPaint
SetSysColors
CopyIcon
SetSystemCursor
GetWindowRect
ReleaseCapture
GetDC
DrawIconEx
ReleaseDC
GetSysColor
LoadImageA

gdi32

DeleteObject
SelectPalette
Rectangle
CreateBrushIndirect
AddFontResourceA
RemoveFontResourceA
GetObjectA
CreateCompatibleDC
DeleteDC
CreateHalftonePalette
StretchBlt
SetStretchBltMode
BitBlt
CreateCompatibleBitmap
SelectObject
RealizePalette
CreateSolidBrush
GetDIBits
GetStockObject
SetBkColor
EnumFontFamiliesExA
SetTextColor
CreateFontIndirectA

comdlg32

ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyA
GetUserNameA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA

shell32

ShellExecuteExA
ExtractIconA
SHGetPathFromIDListA
DragFinish
DragQueryFileA
DragAcceptFiles
SHBrowseForFolderA

comctl32

ImageList_Destroy
PropertySheetA
ord17
ImageList_Add
ImageList_Create

winmm

PlaySoundA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8efaeac163453d1571431134cbca2cdf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

winmm

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 28KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 28KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 16KB