3dc912919f6e8649457c1dee22b1905b5491d0c71aed62378399a663a1d2e226[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3dc912919f6e8649457c1dee22b1905b5491d0c71aed62378399a663a1d2e226.exe
Size

52KB
MD5

3d2e3c9ed968681729e0361e7b82e0e0
SHA1

b2f443ee27d15b03cf98c4e970c634df3be4a96f
SHA256

3dc912919f6e8649457c1dee22b1905b5491d0c71aed62378399a663a1d2e226
SHA512

83e294719c7814aecf28f31e819629a89ce2cf4cd34b32cb23e94b761ba0a1109c027bf6e71016530c81a4ea666fb5f607dadb8b30f6f8b2961052b4e970c045
SSDEEP

768:wVd8RI+6TuSWIZ2xiB9HZpO+54UNhSoYb55xueHJ2g:wVd8G+AuSDAupwUaos1uep2g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc912919f6e8649457c1dee22b1905b5491d0c71aed62378399a663a1d2e226.exe

Files

3dc912919f6e8649457c1dee22b1905b5491d0c71aed62378399a663a1d2e226.exe
.exe windows:4 windows x86 arch:x86

322ef63903747ee0a8e4ba1c96a2e23b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

DBDatabase
FreeLocalData
pvTerminateProgram
AllocLocalData
Name3
CloseDB3
WriteDB5
ZENDFIL
GetDB5
ComposeFileName
SetCondition
DBFILEINFO
DBClose
szTmpBuf
TmpLogFile
DBCheckDBData4
pFrmtBuffer
VARLIST
TABOffset
RPEE
RFLV
RPED
RADDR
CheckProto
BcxExit
CallDllFunction2
CallBCFunction
GetArg
SkipRightBlk
WS
ZPROFW
SetExEuro
ZPREXTEND
bPrintFileName
bGetActualArgsExv
pInfoExe
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
GetPHX
PHB
PHD
PHP
AddSl
PHDLL
SetString
StrAdd
Close
DBXAccess
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
BcMain2
BCGetFileSize

bc32ui

DBCreateVars2
DefVidWaitMsg3
pszDecodMessage
wKeyFlags
RTAB
RRA
RIF
RO
DBDefineStructs
CANVID
EntryInitProgramData
cRowsRI
cColsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
DefinePos4
TraceDebug2
szProgramName
ABC
pszID
DefineWindow10
DefineFormat
DefineLabel3
DefineEdit11
DefineButtonIvt
RRI
ZDECOD
RCI
RunWindow6
ZVIDCOMPVIS
WgsRestoreInputData
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
SetWindowConditions3

kernel32

TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ExitProcess

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

322ef63903747ee0a8e4ba1c96a2e23b

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 916B

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 916B