3ff0d50557b5ba7eb306048c0e20dd4304a75aeab0470fe213c5089a031a396f[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3ff0d50557b5ba7eb306048c0e20dd4304a75aeab0470fe213c5089a031a396f.exe
Size

3.9MB
MD5

65a683124fc4ca1839e95322370e2b0d
SHA1

7a7eafcfa4349e40cb15ab30b5c64d3415e60b96
SHA256

3ff0d50557b5ba7eb306048c0e20dd4304a75aeab0470fe213c5089a031a396f
SHA512

14b6d7d06f1bd02fffa5f0a4aecb8bbb7b1441597d9ac27a888f5ff441fce785809bd675c7ef7b1da7f99a8d61100e030b6c8b7b128515e8d713d4ffec54123f
SSDEEP

49152:bP70hwGvLJT/a9yLe7lAsYaxBjbdOGMneGzxgUgoJUcaqCDx6ITcP2MNoSPhaC+O:nUgoJUBZJoP2MNBajvXOSq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff0d50557b5ba7eb306048c0e20dd4304a75aeab0470fe213c5089a031a396f.exe

Files

3ff0d50557b5ba7eb306048c0e20dd4304a75aeab0470fe213c5089a031a396f.exe
.exe windows:5 windows x86 arch:x86

33e003ddaff3bc71480e8cb946f52917

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

TextOutW
StretchDIBits
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixelV
SetPixel
SetDIBitsToDevice
SetDIBits
SetBkMode
SetBkColor
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
OffsetViewportOrgEx
MoveToEx
LineTo
IntersectClipRect
GetViewportOrgEx
GetTextMetricsW
GetTextExtentPoint32W
GetTextExtentExPointW
GetTextColor
GetTextAlign
GetStockObject
GetROP2
GetPixel
GetPaletteEntries
GetObjectType
GetObjectW
GetNearestPaletteIndex
GetDeviceCaps
GetDIBits
GetCurrentPositionEx
GetCurrentObject
GetClipBox
GetBkMode
GetBkColor
ExtTextOutW
ExcludeClipRect
Ellipse
DeleteObject
DeleteDC
CreateRoundRectRgn
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CombineRgn
BitBlt

kernel32

lstrcmpW
WriteProcessMemory
WritePrivateProfileStringW
WriteFile
WaitForSingleObject
VirtualQuery
VirtualProtect
UnmapViewOfFile
TerminateProcess
SystemTimeToFileTime
Sleep
ReadProcessMemory
QueryDosDeviceW
OutputDebugStringW
OpenProcess
MulDiv
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryW
LeaveCriticalSection
IsBadCodePtr
InitializeCriticalSection
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalMemoryStatus
GlobalHandle
GlobalLock
GlobalGetAtomNameW
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetTickCount
GetTempPathW
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetProcessTimes
GetProcAddress
GetPrivateProfileStringW
GetPriorityClass
GetModuleHandleW
GetModuleFileNameW
GetLogicalDriveStringsW
GetLastError
GetDriveTypeW
GetDiskFreeSpaceExW
GetCurrentThreadId
GetCurrentProcess
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FlushInstructionCache
FileTimeToSystemTime
EnterCriticalSection
CreateMutexW
CreateFileMappingW
CreateFileW
CopyFileW
CloseHandle
GetLongPathNameW
Sleep
VerSetConditionMask
VerifyVersionInfoW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegFlushKey
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
GetUserNameW
AdjustTokenPrivileges

shell32

SHGetFileInfoW
ExtractIconW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoCreateInstance
IsEqualGUID

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_Draw
ImageList_GetIconSize

user32

PrivateExtractIconsW

Sections

.text
Size: 675KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33e003ddaff3bc71480e8cb946f52917

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

shell32

ole32

comctl32

user32

Sections

.text Size: 675KB - Virtual size: 676KB

.itext Size: 3KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 16KB

.bss Size: 260KB - Virtual size: 260KB

.idata Size: 79KB - Virtual size: 80KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 44KB

.rsrc Size: 3.1MB - Virtual size: 3.1MB

.text
Size: 675KB - Virtual size: 676KB

.itext
Size: 3KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 16KB

.bss
Size: 260KB - Virtual size: 260KB

.idata
Size: 79KB - Virtual size: 80KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 44KB

.rsrc
Size: 3.1MB - Virtual size: 3.1MB