3be77c231c3bea0bb5677866050bee75df9c88529c7640f4b5e300ba6b84cf2eN

Sharing

Copy URL Twitter E-mail

General

Target

3be77c231c3bea0bb5677866050bee75df9c88529c7640f4b5e300ba6b84cf2eN
Size

128KB
MD5

286b71c7a514866e159a5b7f3ec030f0
SHA1

fdb6de9ef43c168f946f1e025fb73a1449b3fa0d
SHA256

3be77c231c3bea0bb5677866050bee75df9c88529c7640f4b5e300ba6b84cf2e
SHA512

3e14533e70451859a966cb9954205f44af332d9c99f29102f761191d3e7043d29511ad4d619cf0c84f941d152afe305a2b79611cdcc7cc7293f94d5aafa27b02
SSDEEP

1536:K/7LVmS1DSzspoQ5qPddchzxwmr56lP9+v7ePPjwrwh1N8oSyp/Gu/uM:c7ZrDplqPduhzxnrUlP9W8PYqSyAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be77c231c3bea0bb5677866050bee75df9c88529c7640f4b5e300ba6b84cf2eN

Files

3be77c231c3bea0bb5677866050bee75df9c88529c7640f4b5e300ba6b84cf2eN
.exe windows:4 windows x86 arch:x86

073d7a2b20f09f79be9eeb22b97ba50b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\mfc100jpn.pdb

Imports

kernel32

WaitForSingleObject
InterlockedIncrement
InterlockedDecrement
WriteFile
LoadResource
UnhandledExceptionFilter
FreeLibrary
GetVersionExA
DisableThreadLibraryCalls
_lclose
DeleteCriticalSection
EnterCriticalSection
MultiByteToWideChar
TerminateProcess
_lopen
WideCharToMultiByte
GetProcAddress
VirtualProtect
FindResourceW
LocalAlloc
FindResourceA
GetTickCount
OutputDebugStringA
GetSystemInfo
GetModuleHandleA
GetCurrentThreadId
CreateEventA
LeaveCriticalSection
GetLastError
CreateThread
GetFileSize
ResumeThread
CloseHandle
GetCurrentProcess
_lread
lstrlenW
GetLocaleInfoW
IsValidLanguageGroup
GetFullPathNameA
GetShortPathNameA
CreateFileW
LoadLibraryA
QueryPerformanceCounter
InitializeCriticalSection
LockResource
GetSystemDefaultLCID
GetCurrentProcessId
HeapDestroy
lstrcmpiA
Sleep
SetEvent
SizeofResource
UnmapViewOfFile
GetSystemTimeAsFileTime
lstrcpyA
VirtualAlloc
GetSystemDirectoryA
SetUnhandledExceptionFilter
lstrcatA
LocalFree
LocalReAlloc
GetModuleFileNameA
MapViewOfFile
CreateFileA
VirtualQuery
lstrlenA
CreateFileMappingA

user32

LoadImageA
GetDC
ReleaseDC
GetWindowRect
CharNextA
wsprintfA
LoadStringA

gdi32

ExtTextOutW
GetSystemPaletteEntries
GetTextAlign
GetPaletteEntries
CreateCompatibleDC
SetTextColor
RoundRect
Polyline
SetBkMode
StretchBlt
DeleteDC
Rectangle
CreateICA
GetDeviceCaps
Ellipse
SetTextAlign
CreatePen
CreateBrushIndirect
SetBkColor
CreateHalftonePalette
DeleteObject
CreateHatchBrush
GetObjectA
CreateSolidBrush
SelectObject

ole32

CoCreateInstance
CoCreateGuid
CoGetInterfaceAndReleaseStream
OleInitialize
OleUninitialize
StringFromCLSID
CoTaskMemFree

msvcrt

_wcsicmp
free
wcslen
wcscpy
malloc

msacm32

acmStreamSize
acmStreamOpen
acmStreamUnprepareHeader
acmStreamClose
acmStreamConvert
acmStreamPrepareHeader

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

073d7a2b20f09f79be9eeb22b97ba50b

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

msvcrt

msacm32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1.0MB

fdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1.0MB

fdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 40KB - Virtual size: 36KB