3e1a268458691ddafa0f214d7c328cfe05393a9ce54223927378f95434334cbf

Sharing

Copy URL

Twitter E-mail

General

Target

3e1a268458691ddafa0f214d7c328cfe05393a9ce54223927378f95434334cbf
Size

2.4MB
MD5

2d2bffe84a15f476ce542a827d29117c
SHA1

d98be7f44c9a5c57fed488a29028719694bc8d8e
SHA256

3e1a268458691ddafa0f214d7c328cfe05393a9ce54223927378f95434334cbf
SHA512

e304a4f5530fa348a65fedda5fdfd751c310be79a855f64d904f403a41bedec08dc6fa78a4597915207c6a924fa776e821958fd51334276c6e81b8ef41f5b354
SSDEEP

49152:sa0SzpKygHxMLT/QioIUiRj5FiFfNNZ9V2WS:BQxMwUUiRj5spZ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e1a268458691ddafa0f214d7c328cfe05393a9ce54223927378f95434334cbf

Files

3e1a268458691ddafa0f214d7c328cfe05393a9ce54223927378f95434334cbf
.exe windows:4 windows x86 arch:x86

cce9dd4b56e68d1d017286e9299ac6fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetSystemInfo
GetVersionExA
GetLocalTime
FormatMessageA
GetLastError
SetFilePointer
ReadFile
Sleep
GetCommandLineA
DeleteFileA
CreateFileA
WriteFile
UnmapViewOfFile
CloseHandle
CreateFileMappingA
MapViewOfFile
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
GetUserDefaultLCID
CreateProcessA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetOEMCP
_hread
GlobalMemoryStatus
GetACP
GetCPInfo
GetEnvironmentStringsW
FindFirstFileA
FindNextFileA
FindClose
_lopen
_lcreat
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetExitCodeProcess
GetStdHandle
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
_lwrite
OutputDebugStringA
OpenFile
GetFileSize
WaitForSingleObject
EnumSystemLocalesA
ReleaseMutex
_llseek
_hwrite
_lclose
GetTickCount
GetSystemTime
GetVolumeInformationA
_lread
MulDiv
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
CreateFileW
HeapFree
GetProcessHeap
GetProcAddress
LoadLibraryA
GetModuleHandleA
SetThreadPriority
SetPriorityClass
GetThreadPriority
GetCurrentThread
GetPriorityClass
GetCurrentProcess
FreeLibrary
RtlUnwind
HeapAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetFileType
HeapReAlloc
RaiseException
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
ResumeThread
CreateThread
TlsSetValue
ExitThread
FileTimeToSystemTime
FileTimeToLocalFileTime
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
SetStdHandle

user32

DestroyWindow
SetCursorPos
PeekMessageA
SendMessageA
GetDlgItem
SetDlgItemTextA
CreateWindowExA
ShowWindow
SetWindowTextA
SetWindowLongA
ClipCursor
GetWindowLongA
GetDesktopWindow
GetWindowRect
MoveWindow
PostMessageA
ShowCursor
GetClientRect
ClientToScreen
DefWindowProcA
PostQuitMessage
UpdateWindow
SetForegroundWindow
AdjustWindowRect
DispatchMessageA
TranslateMessage
MessageBeep
SetCapture
GetMessageA
RegisterClassA
LoadCursorA
LoadIconA
GetKeyboardState
SendInput
PtInRect
AdjustWindowRectEx
GetParent
GetWindowPlacement
IsWindow
ReleaseDC
GetDC
SendDlgItemMessageA
CheckRadioButton
MessageBoxA
EndDialog
DialogBoxParamA

gdi32

DeleteDC
SelectObject
SetTextColor
SetBkColor
CreateFontA
CreateCompatibleDC
ExtTextOutA
GetTextExtentPoint32A
SetTextAlign
GetDeviceCaps
SetMapMode
DeleteObject
CreateDIBSection
GetStockObject

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

winmm

timeGetTime
joyGetNumDevs
joyGetDevCapsA
timeGetDevCaps
timeBeginPeriod
timeKillEvent
timeEndPeriod
timeSetEvent
joyGetPosEx

wsock32

gethostbyname
ioctlsocket
WSAGetLastError
WSAStartup
WSACleanup
bind
htons
ntohl
closesocket
inet_ntoa
socket
sendto
recvfrom
inet_addr
gethostbyaddr
getsockopt
setsockopt

shlwapi

PathStripPathA
PathRemoveExtensionA
PathAddExtensionA

ibrowse

ibrowse_Sleep
ibrowse_InitEx2
ibrowse_SetCallback
ibrowse_Wake
ibrowse_OnKeyDown
ibrowse_OnChar
ibrowse_OnKeyUp
ibrowse_GetTitle
ibrowse_GetMetaValue
ibrowse_OpenURL
ibrowse_EnableRender
ibrowse_Render
ibrowse_GetCookieValue
ibrowse_GetCookieBufferData
ibrowse_OnMouse

dinput8

DirectInput8Create

apiclient

InitDll
RegisterClient
GetActiveCover

ole32

CoCreateInstance
CoInitialize

dsound

ord11

dplayx

ord1
ord4

d3d8

Direct3DCreate8

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce9dd4b56e68d1d017286e9299ac6fd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

wsock32

shlwapi

ibrowse

dinput8

apiclient

ole32

dsound

dplayx

d3d8

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

_text Size: 172KB - Virtual size: 168KB

_TEXT Size: 4KB - Virtual size: 12B

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 272KB - Virtual size: 9.3MB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 1.9MB - Virtual size: 1.9MB

_text
Size: 172KB - Virtual size: 168KB

_TEXT
Size: 4KB - Virtual size: 12B

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 272KB - Virtual size: 9.3MB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 36KB - Virtual size: 35KB