3b1d9484093bce043dbc764b85419310N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3b1d9484093bce043dbc764b85419310N.exe
Size

4.7MB
MD5

3b1d9484093bce043dbc764b85419310
SHA1

5775f10684a44645cebd2b7603f3248d1bb0a500
SHA256

c076b8c097d12012b4c1e2f4dac2dae41ffdd9cd28930bfbc0dc2a24f8d407a8
SHA512

a247198bb12baaf4cd348b0014d5ec565694af0dc3696abf76b9b03b69f8beb519e0fd2ec567bafaf096802d4cf00b6c032b2bb1659f4013e4472e2a321e0073
SSDEEP

98304:pZ7n7iZd4Kgx24qhOHQO7R/oufnu11A5lLJjJtFJHlfnZ5NVw:ppn2ZgOOHQaR3WI5xbN5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b1d9484093bce043dbc764b85419310N.exe

Files

3b1d9484093bce043dbc764b85419310N.exe
.exe windows:4 windows x86 arch:x86

6c50d47eff66a9c15b6627d8e0753a5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeEndPeriod
PlaySoundA
timeBeginPeriod

comctl32

FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
ord17
InitializeFlatSB
FlatSB_GetScrollInfo
_TrackMouseEvent
FlatSB_GetScrollPos

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryW
ResetEvent
ResumeThread
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetThreadLocale
MultiByteToWideChar
SizeofResource
Sleep
SuspendThread
SystemTimeToTzSpecificLocalTime
TerminateThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetModuleHandleA
RtlUnwind
TlsAlloc
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
GetCPInfo
GetOEMCP
HeapAlloc
HeapReAlloc
MulDiv
lstrlenW
lstrcpyW
lstrcpynW
lstrcmpW
LockResource
LocalFree
LocalAlloc
GetStringTypeA
LoadResource
LoadLibraryExW
IsValidLocale
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InterlockedCompareExchange
GlobalUnlock
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetVolumeInformationW
GetVersionExW
GetVersion
GetTimeZoneInformation
GetThreadPriority
GetThreadLocale
GetTempPathW
GetSystemInfo
GetStdHandle
GetPrivateProfileStringW
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLocalTime
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileAttributesW
GetFileAttributesExW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcessId
GetCPInfoExW
GetCommandLineW
GetACP
GetFileType
FreeResource
FormatMessageW
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnumSystemLocalesW
EnumCalendarInfoW
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateFileW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CloseHandle
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
GetProcAddress
FreeLibrary
GetStringTypeW
LCMapStringA
LCMapStringW
SetThreadPriority

user32

SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
WaitMessage
WindowFromPoint
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsIconic
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
InvalidateRect
InsertMenuW
InsertMenuItemW
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
SetClassLongW
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
ScrollWindow
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetLastActivePopup
GetKeyState
GetKeyNameTextW
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FillRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
SetCapture
SetActiveWindow
SendMessageW
GetWindowDC
SendMessageA
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateIconIndirect
CountClipboardFormats
CopyImage
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageW
GetScrollRange
PeekMessageA
CharUpperW
CharUpperBuffW
CharNextW
CharLowerW
CharLowerBuffW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout
GetMessageExtraInfo

gdi32

CreateDIBitmap
CreateDIBSection
CreateFontIndirectW
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EnumFontFamiliesExW
ExcludeClipRect
ExtFloodFill
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDeviceCaps
CreateCompatibleDC
GetDIBits
CreateCompatibleBitmap
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetViewportOrgEx
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineTo
MaskBlt
MoveToEx
PatBlt
Pie
PlayEnhMetaFile
PolyBezierTo
Polygon
Polyline
RealizePalette
Rectangle
RectVisible
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetPaletteEntries
SetPixelV
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
SetWinMetaFileBits
StretchBlt
StretchDIBits
UnrealizeObject
CreateBrushIndirect
GetEnhMetaFileBits
CreateBitmap
CopyEnhMetaFileW
Chord
BitBlt
GetDIBColorTable
AngleArc
ArcTo

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
DragQueryFileW
SHGetFileInfoW

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
DoDragDrop
OleInitialize
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromCLSID
CLSIDFromString

oleaut32

VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
GetErrorInfo
VariantInit

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvd5
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c50d47eff66a9c15b6627d8e0753a5e

Headers

File Characteristics

Imports

winmm

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.dvd5 Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.dvd5
Size: 1.4MB - Virtual size: 1.4MB