3f4bf6a900006906fd9ed6b88c65a23f6919c3f840fcf2578dd0a0f45782b999

Sharing

Copy URL

Twitter E-mail

General

Target

3f4bf6a900006906fd9ed6b88c65a23f6919c3f840fcf2578dd0a0f45782b999
Size

265KB
MD5

72c59981688b96017ba503d5ef08db8e
SHA1

d84b5ab38c89d35470fa60075abb241fb653d80c
SHA256

3f4bf6a900006906fd9ed6b88c65a23f6919c3f840fcf2578dd0a0f45782b999
SHA512

45d56d9efe367674f62501fd7251f817a584ee41575f4143872ba37ecbb7aa971f698254b57d12bec49c589a87de3d52b2c5d5ec6d8ff299507e7ef865ca4330
SSDEEP

3072:LNRWGiqzgeJZhQR5BQNkToFo03lmq3XO5X9OKTMkAwfjK0dtzrgjnqwiV:PxzgejNksH3kGXO5X9OK7hRDrOv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f4bf6a900006906fd9ed6b88c65a23f6919c3f840fcf2578dd0a0f45782b999

Files

3f4bf6a900006906fd9ed6b88c65a23f6919c3f840fcf2578dd0a0f45782b999
.dll regsvr32 windows:4 windows x86 arch:x86

fba8d8f1841f2a690acc1eba05505f77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexA
ReadFile
WideCharToMultiByte
WaitForSingleObject
LeaveCriticalSection
WaitForMultipleObjects
ReleaseMutex
EnterCriticalSection
SetEvent
GetOverlappedResult
GetLastError
MultiByteToWideChar
ResetEvent
InitializeCriticalSection
CreateEventA
IsBadWritePtr
DeviceIoControl
DeleteCriticalSection
InterlockedIncrement
LocalFree
lstrlenA
InterlockedDecrement
LocalAlloc
GetProcAddress
LoadLibraryA
FreeLibrary
GetSystemDefaultLangID
GetCurrentThreadId
CloseHandle
GetModuleHandleA
CreateProcessA
SetLastError
OpenProcess
InterlockedExchange
RaiseException
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetVersionExA
SetFilePointer
Sleep
WriteFile
CreateFileA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
GetCurrentProcessId
HeapFree
GetCommandLineA
HeapAlloc
GetProcessHeap
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
GetStdHandle
GetModuleFileNameA
SetHandleCount

user32

DialogBoxParamA
EndDialog
SetWindowTextA
SetDlgItemTextA
OpenDesktopA
GetThreadDesktop
MessageBoxA
wsprintfA

ole32

CoTaskMemFree
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc
CoInitializeEx
CoUninitialize

oleaut32

SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fba8d8f1841f2a690acc1eba05505f77

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 89KB - Virtual size: 88KB

.data Size: 15KB - Virtual size: 22KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 89KB - Virtual size: 88KB

.data
Size: 15KB - Virtual size: 22KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 17KB - Virtual size: 16KB