3fbc8927f697552ff38374fffa83762a507615f0f69128edab675d44ece37e41

General

Target

3fbc8927f697552ff38374fffa83762a507615f0f69128edab675d44ece37e41
Size

82KB
MD5

c3dd6739f5951fff3b9bd4ed95193f31
SHA1

327d03739c9cb6fa714cfa8adbe69b0d1a442eb5
SHA256

3fbc8927f697552ff38374fffa83762a507615f0f69128edab675d44ece37e41
SHA512

7364331530bf246de4d252234d18d635ccc321b676e5a3623ae9617086cd7e4fe8b1d5160e97800af7ac84b055b802fcb13d35c8b71679100f50b676b750fd66
SSDEEP

768:IzHMuxdUkFYgYTYl4sJKyt8ESpa1AaCoTcrBFCJptH4quUqge8xpfRmYvk3avKkA:h6UkaLfIBLy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fbc8927f697552ff38374fffa83762a507615f0f69128edab675d44ece37e41

Files

3fbc8927f697552ff38374fffa83762a507615f0f69128edab675d44ece37e41
.exe windows:4 windows x86 arch:x86

a424186769cf81f678e03593599d6e04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
PeekNamedPipe
ReadFile
GetExitCodeProcess
CloseHandle
lstrlenW
MultiByteToWideChar
GetFileAttributesW
Sleep
CreateProcessW
GetStartupInfoA
GetModuleHandleA

msvcrt

strlen
_except_handler3
_setmbcp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
__dllonexit
_onexit
_exit
_XcptFilter

shell32

SHGetSpecialFolderPathW

user32

CallWindowProcA
WaitForInputIdle

mfc42

ord1576
ord3079
ord1134
ord2621
ord815
ord825
ord561
ord3738
ord4424
ord4622
ord4080
ord1168
ord3825
ord3831
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830

wmvert

wm_Run
wm_InBinRev
wm_BinLeft
wm_BAnd
wm_CnvToBin
wm_SpaceBin
wm_MsgBox
wm_pbin
wm_BOr
wm_WriteMem
wm_ToInt
wm_NotifySys
wm_CreateWindowFromTemplate
wm_GetRunPath
wm_SaveRegItem
wm_BinLen

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a424186769cf81f678e03593599d6e04

Headers

File Characteristics

Imports

kernel32

msvcrt

shell32

user32

mfc42

wmvert

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 70KB - Virtual size: 69KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 70KB - Virtual size: 69KB