3c637ba1ddca13247061f856d2050540N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3c637ba1ddca13247061f856d2050540N.exe
Size

6.5MB
MD5

3c637ba1ddca13247061f856d2050540
SHA1

3a98581bb19e83cc00596ab69dff82b0cda0846b
SHA256

51304ba23d001773d4392ea491f9a0bb55b5c96d062834a924411ee9ad9c559f
SHA512

95b125b2eb2dd0f9992f73a4618257c9f90e01300577d34b7f14b716e70382339cb59fe7d6989556f553b0caff4e56d52df92fd0a86ef4efa77789c2c2aea773
SSDEEP

98304:ZYVlF8amIMvk1trAdU5lPM5vQrPBaxea86ipGXWRjYl665Ed4k0hq5HCmv8CcLJb:gmIMvat1LLrPYxea8ZWQjeFNICmLcLJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c637ba1ddca13247061f856d2050540N.exe

Files

3c637ba1ddca13247061f856d2050540N.exe
.dll windows:6 windows x86 arch:x86

acfe24779232c85004b0b92f18a4c784

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
CloseHandle
LCMapStringW
IsProcessorFeaturePresent
GetModuleHandleW
GetStartupInfoW
TlsFree
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
GetStdHandle
GetFileType
ReadFile
SetFilePointerEx
GetModuleFileNameW
LoadLibraryExW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
ReadConsoleW
OutputDebugStringW
CreateFileW
SetEndOfFile
lstrcpynW
GetVersionExW
GetSystemDirectoryW
SizeofResource
GetPrivateProfileStringW
GetSystemDefaultUILanguage
GetTempFileNameW
EncodePointer
EnumResourceTypesW
EnumResourceNamesW
GetSystemInfo
GetDiskFreeSpaceW
SystemTimeToFileTime
GetLocaleInfoW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapFree
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
HeapAlloc
GetCommandLineA
GetCurrentThreadId
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

EndPaint
HideCaret
CharUpperBuffW
CreateDialogParamA
PostMessageW
MsgWaitForMultipleObjects
GetKeyState
GetClientRect
SetScrollPos
MonitorFromWindow
SetWindowLongW
RedrawWindow
DestroyCaret
SendDlgItemMessageW
IsDlgButtonChecked
PostMessageA
FlashWindow
UnionRect
SendMessageW
GetDlgItemTextA
SetTimer
GetSubMenu
CharLowerBuffW
DrawTextExW
GetDC
GetQueueStatus
GetCapture
GetKeyboardState
GetMenu
GetWindowPlacement
GetKeyboardLayout
GetScrollInfo
GetDesktopWindow
GetSysColor
SetMenu
GetSysColorBrush
GetMenuItemCount
InsertMenuW
GetSystemMetrics
SetCaretPos
DialogBoxParamA
SetMenuItemInfoW
SetDlgItemTextA
CheckMenuItem
SetWindowTextA

gdi32

TranslateCharsetInfo
MaskBlt
CreateFontIndirectW
GetDeviceCaps
GetDIBits
SetBkColor
SetPixel
GetPaletteEntries
CreateRectRgnIndirect
GetObjectType
GetTextExtentExPointA
CreateRectRgn
GetCharABCWidthsFloatA
GetBitmapBits
GetTextExtentPoint32W
GetTextExtentPoint32A
LineTo
DeleteDC
SaveDC
SelectPalette
SetPaletteEntries
GetCharWidth32A
CreatePen
GetClipBox
IntersectClipRect
GetPixel
GetStockObject
EndPage

advapi32

RegEnumKeyExW
GetLengthSid
QueryServiceStatus
OpenSCManagerW
AllocateAndInitializeSid
ChangeServiceConfigW
RegConnectRegistryW
RegQueryInfoKeyW
CloseServiceHandle

shell32

SHGetFileInfoW

oleaut32

VariantChangeType
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantClear
SafeArrayGetLBound

Sections

.text
Size: 556KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acfe24779232c85004b0b92f18a4c784

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

Sections

.text Size: 556KB - Virtual size: 556KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 556KB - Virtual size: 556KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 13KB