3f6ba4976fcc22e338ad4b96fe4270f82656d2a45d27479c6db5eb6abbb4d8d0N

Resubmissions

28-09-2024 17:46

240928-wcm5ta1clf 10

28-09-2024 17:42

240928-v96gzs1bkb 10

Sharing

Copy URL

Twitter E-mail

General

Target

3f6ba4976fcc22e338ad4b96fe4270f82656d2a45d27479c6db5eb6abbb4d8d0N
Size

260KB
MD5

f20b370a3f50a6580ab9f8743fa35e00
SHA1

4e04275d8248ab112eba21ac7dff54196de4a961
SHA256

3f6ba4976fcc22e338ad4b96fe4270f82656d2a45d27479c6db5eb6abbb4d8d0
SHA512

9affacff8c75ce8e096084f493767750a20d7511c2e3f25eeed2951e54c4a1eddbc66455a693da569f60f055a8bd82ea9be4e0cca788be9d1b33a56ea32c8c66
SSDEEP

6144:xFAqgNMrMNnHGUS0mATGBqxwO54kBzPpSC5T0i8S:vUNKMQUzSwh5bBzseT0m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f6ba4976fcc22e338ad4b96fe4270f82656d2a45d27479c6db5eb6abbb4d8d0N

Files

3f6ba4976fcc22e338ad4b96fe4270f82656d2a45d27479c6db5eb6abbb4d8d0N
.exe windows:4 windows x86 arch:x86

b445b15e50823e4ff2dc442d1004381b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
MulDiv
CreateEventW
SetErrorMode
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
MoveFileW
WaitForSingleObject
GetTimeFormatW
CreateMutexW
FileTimeToSystemTime
CompareFileTime
GetLocalTime
GetVolumeInformationW
LocalAlloc
LocalFree
GetDateFormatW
OpenEventW
GetTempPathW
CreateDirectoryW
RemoveDirectoryW
FreeLibrary
GetWindowsDirectoryW
GetSystemDirectoryW
GetProcAddress

user32

GetForegroundWindow
GetActiveWindow
SetCapture
SetWindowLongW
GetIconInfo
LoadCursorW
SetCursor
GetFocus
CopyRect
GetSystemMetrics
DestroyIcon
IsWindow
InvalidateRect
SendMessageW
GetSysColor
LoadIconW
LoadImageW
MessageBoxW
EnableWindow

gdi32

CreatePalette
CreateCompatibleDC
CreatePen
GetStockObject
CreateFontIndirectW
CreateSolidBrush
DeleteObject
CreatePatternBrush

advapi32

RevertToSelf
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shell32

ShellExecuteW

usp10

UspFreeMem
ScriptXtoCP
ScriptString_pcOutChars
ScriptShape

iprtrmgr

MapInterfaceToAdapter

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c
Size: 2KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CxMAKg
Size: 3KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yOruq
Size: 1KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zgefqi
Size: 78KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.H
Size: 3KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hwA
Size: 134KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bfm
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

b445b15e50823e4ff2dc442d1004381b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

shell32

usp10

iprtrmgr

Sections

.text Size: 18KB - Virtual size: 17KB

.c Size: 2KB - Virtual size: 542KB

.CxMAKg Size: 3KB - Virtual size: 660KB

.yOruq Size: 1KB - Virtual size: 153KB

.rdata Size: 3KB - Virtual size: 39KB

.zgefqi Size: 78KB - Virtual size: 133KB

.H Size: 3KB - Virtual size: 321KB

.data Size: 7KB - Virtual size: 270KB

.hwA Size: 134KB - Virtual size: 164KB

.bfm Size: 2KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 18KB - Virtual size: 17KB

.c
Size: 2KB - Virtual size: 542KB

.CxMAKg
Size: 3KB - Virtual size: 660KB

.yOruq
Size: 1KB - Virtual size: 153KB

.rdata
Size: 3KB - Virtual size: 39KB

.zgefqi
Size: 78KB - Virtual size: 133KB

.H
Size: 3KB - Virtual size: 321KB

.data
Size: 7KB - Virtual size: 270KB

.hwA
Size: 134KB - Virtual size: 164KB

.bfm
Size: 2KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 6KB