3d5eecf252914a01818d726769c631e11179bcc285b4bfdcc427b2c68bff8e4b

Sharing

Copy URL Twitter E-mail

General

Target

3d5eecf252914a01818d726769c631e11179bcc285b4bfdcc427b2c68bff8e4b
Size

1.2MB
MD5

8bb9fbe9d48f526389e66056defe1aec
SHA1

9b08889dfd2124adc4a3192931b7ac13cd7a2e29
SHA256

3d5eecf252914a01818d726769c631e11179bcc285b4bfdcc427b2c68bff8e4b
SHA512

d8110b14067a7d26235c14d13936069a375dbebedcaf7f4a90a6ec893c345be932fa039a41ecb55f21cb0cdd6be8d309c8b0341a940cb17eb7b85af16d6145d7
SSDEEP

24576:ybLaWO/Wah3UipMpD813tkRueDtaPhm1eUPxS0509g:qaWOT2ytSueoPh+ZMr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5eecf252914a01818d726769c631e11179bcc285b4bfdcc427b2c68bff8e4b

Files

3d5eecf252914a01818d726769c631e11179bcc285b4bfdcc427b2c68bff8e4b
.exe windows:5 windows x86 arch:x86

7bc6410b101ccffe174bbb5887de20b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptGenRandom
CryptAcquireContextA

comdlg32

GetOpenFileNameA

kernel32

GetShortPathNameW
WideCharToMultiByte
GetFileAttributesA
GetModuleFileNameA
GetEnvironmentVariableW
MultiByteToWideChar
GetLocaleInfoA
GetSystemInfo
GetLastError
GetCurrentThreadId
CreateThread
WaitForSingleObject
Module32Next
Module32First
CreateToolhelp32Snapshot
GetTempPathA
VirtualAlloc
VirtualFree
OutputDebugStringA
CloseHandle
GetCurrentProcess
GetCurrentProcessId
CreateFileA
SwitchToFiber
DeleteFiber
CreateFiber
ConvertThreadToFiber
CreateFiberEx
GetFileAttributesExA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetDiskFreeSpaceExA
SetFileAttributesA
SetEndOfFile
SetFilePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetErrorMode
InterlockedIncrement
SetEvent
CreateEventA
InterlockedDecrement
DeleteFileA
VirtualProtect
CreateProcessA
SetDllDirectoryA
SetThreadPriority
GetExitCodeThread
GetTickCount
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
TryEnterCriticalSection
ExitThread
CreateSemaphoreA
ReleaseSemaphore
DuplicateHandle
GetCurrentThread
QueryPerformanceCounter
CopyFileA
FileTimeToSystemTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GlobalFree
GetCommandLineA
GetProcessHeap
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
PeekNamedPipe
GetFileInformationByHandle
GetCurrentDirectoryW
HeapSize
GetLocaleInfoW
LoadLibraryW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
ReadFile
HeapCreate
GetModuleFileNameW
WriteFile
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
LCMapStringW
IsProcessorFeaturePresent
SetLastError
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetSystemTimeAsFileTime
HeapReAlloc
MoveFileA
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
CreateDirectoryA
GetFullPathNameA
GetDriveTypeW
EncodePointer
RtlUnwind
DecodePointer
ExitProcess
GetModuleHandleW
HeapFree
HeapAlloc
RaiseException
CreateFileW
LocalAlloc
MulDiv
GetModuleHandleA
GlobalAlloc
GlobalLock
GlobalUnlock
Sleep
ExpandEnvironmentStringsA
LoadLibraryA
GetProcAddress
FreeLibrary
InterlockedExchange
QueryPerformanceFrequency

user32

KillTimer
GetKeyboardLayout
SetClassLongA
DestroyWindow
CreateWindowExA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
SetCursor
DestroyCursor
CountClipboardFormats
GetClipboardData
GetSystemMetrics
LoadImageA
SetWindowPos
ReleaseDC
DrawTextA
SendMessageA
SetTimer
TrackMouseEvent
GetMessageExtraInfo
EnumChildWindows
GetDC
GetDlgItem
LoadCursorFromFileA
GetWindowInfo
SetWindowTextA
GetSysColor
AdjustWindowRect
GetWindowLongA
ShowWindow
SetFocus
FlashWindow
InvalidateRect
GetClientRect
EndDialog
EndPaint
FillRect
BeginPaint
DestroyMenu
TrackPopupMenu
AppendMenuA
CreateMenu
CreatePopupMenu
ScreenToClient
DialogBoxParamA
CallNextHookEx
TranslateMessage
DispatchMessageA
GetMessageA
SetWindowsHookExA
PostThreadMessageA
GetForegroundWindow
ValidateRect
DefWindowProcA
SetDlgItemTextW
GetWindowTextA
CloseWindow
SetForegroundWindow
LoadIconA
GetWindowTextW
SetWindowTextW
ClientToScreen
GetParent
MoveWindow
GetWindowRect
UnregisterClassA
MapWindowPoints
GetCursorInfo
ShowCursor
SetWindowLongA
MapVirtualKeyA
GetWindowPlacement
SetPropA
PostMessageA
LoadCursorA
RegisterClassA

gdi32

DeleteDC
GetBitmapBits
CreateDIBSection
CreateCompatibleDC
SetBkColor
CreateFontA
SelectObject
GetDeviceCaps
DeleteObject

shell32

ShellExecuteA

ole32

CoInitialize
PropVariantClear
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

winmm

waveInAddBuffer
waveInStart
waveInGetErrorTextA
waveInOpen
waveInReset
waveInClose
waveInPrepareHeader

ddraw

DirectDrawCreate

dsound

ord1

d3d9

Direct3DCreate9

shlwapi

ord219

ws2_32

bind
closesocket
connect
getsockname
getpeername
socket
htons
WSACleanup
WSAStartup
ioctlsocket
WSAAsyncSelect
recvfrom
getaddrinfo
freeaddrinfo
inet_ntoa
gethostname
gethostbyname
gethostbyaddr
getsockopt
setsockopt
WSAGetLastError
WSAAddressToStringA
WSAStringToAddressA
sendto
send
recv
accept
listen
__WSAFDIsSet
inet_addr
select

libeay32

ord341
ord342
ord340

Exports

Exports

Main
s3eExtGet

Sections

.text
Size: 772KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bc6410b101ccffe174bbb5887de20b5

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

kernel32

user32

gdi32

shell32

ole32

oleaut32

winmm

ddraw

dsound

d3d9

shlwapi

ws2_32

libeay32

Exports

Exports

Sections

.text Size: 772KB - Virtual size: 772KB

.rdata Size: 100KB - Virtual size: 100KB

.data Size: 19KB - Virtual size: 2.2MB

.rsrc Size: 273KB - Virtual size: 273KB

.reloc Size: 60KB - Virtual size: 60KB

.text
Size: 772KB - Virtual size: 772KB

.rdata
Size: 100KB - Virtual size: 100KB

.data
Size: 19KB - Virtual size: 2.2MB

.rsrc
Size: 273KB - Virtual size: 273KB

.reloc
Size: 60KB - Virtual size: 60KB