3d0d93f651ee7b407024e5ad51b4e79408b72fb77bfd71cddeac8be3642439d7

Sharing

Copy URL

Twitter E-mail

General

Target

3d0d93f651ee7b407024e5ad51b4e79408b72fb77bfd71cddeac8be3642439d7
Size

133KB
MD5

77a369e5e49e7e62d8eef2c00cd02950
SHA1

9b020dd3a60a60613d9d4a42408d317cc3cda4b3
SHA256

3d0d93f651ee7b407024e5ad51b4e79408b72fb77bfd71cddeac8be3642439d7
SHA512

8cb580514c5afde1f67f9e9f255c4e1a6ed94bf158050858f02b3a581abc8557f084fdce64bd1b3ea1585d7b0c53eb17a7945b957d539c84d8478e88abac79c1
SSDEEP

3072:oZ33mmfvTtyURPpTilxSLeh+dF/iEPA+ZVz:oxZXwMTkSndF/iEPA+jz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d0d93f651ee7b407024e5ad51b4e79408b72fb77bfd71cddeac8be3642439d7

Files

3d0d93f651ee7b407024e5ad51b4e79408b72fb77bfd71cddeac8be3642439d7
.dll windows:4 windows x86 arch:x86

7737343aea7323edb89793427067b002

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptDecrypt
CryptImportKey
OpenProcessToken
RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
SelectObject

kernel32

AddAtomA
CloseHandle
CreateFileA
CreateFileW
CreateMutexA
CreateToolhelp32Snapshot
DeleteFileA
DeleteFileW
FileTimeToSystemTime
FindAtomA
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
GetAtomNameA
GetCurrentProcess
GetDiskFreeSpaceExA
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileSize
GetFileTime
GetLastError
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTime
GetTempPathA
GetTickCount
GetVersionExA
GetVolumeInformationA
GetVolumeInformationW
InterlockedIncrement
LoadLibraryA
MoveFileA
MoveFileW
MultiByteToWideChar
Process32First
Process32Next
ReadFile
ReleaseMutex
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
Sleep
SleepEx
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrlenA

msvcrt

_stricmp
_unlink
__dllonexit
_assert
_close
_errno
_lseek
_mkdir
_open
_read
_snwprintf
_strdate
_strlwr
_strrev
_strtime
_strupr
_vsnprintf
_wcsupr
_wfopen
_wmkdir
_write
_wrmdir
abort
atoi
atol
exit
fclose
fflush
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
malloc
memcpy
memset
rewind
sprintf
strcat
strchr
strcmp
strcpy
strlen
strncpy
strstr
strtok
swprintf
time
tmpnam
wcscat
wcscmp
wcscpy
wcslen
wcsrchr

user32

DefWindowProcA
DispatchMessageA
GetClientRect
GetDC
GetDesktopWindow
GetLastInputInfo
GetMessageA
LoadCursorA
LoadIconA
ReleaseDC
TranslateMessage

wininet

HttpQueryInfoA
HttpSendRequestA
InternetSetOptionA

Exports

Exports

a
b
c

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7737343aea7323edb89793427067b002

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

user32

wininet

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 732B

.bss Size: - Virtual size: 32KB

.edata Size: 512B - Virtual size: 184B

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 860B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 732B

.bss
Size: - Virtual size: 32KB

.edata
Size: 512B - Virtual size: 184B

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 860B

.reloc
Size: 8KB - Virtual size: 7KB