3c66a185a7898e66bf85beb68ad41ed745ab13beb733030cb74bccf75f102f78

Sharing

Copy URL

Twitter E-mail

General

Target

3c66a185a7898e66bf85beb68ad41ed745ab13beb733030cb74bccf75f102f78
Size

306KB
MD5

715fadabb625eb789bfbd9b2e2c20f4f
SHA1

fab35088274b8acebc1e97882df2470b818f57d5
SHA256

3c66a185a7898e66bf85beb68ad41ed745ab13beb733030cb74bccf75f102f78
SHA512

464551e604408ea1151ccf0141e7bd78682222c04b251ab2bfb7d7c7b9344777c80026d41d243180d82a43bfaa8decda24e2838dff285c72903243af2873fa12
SSDEEP

6144:bJi0cnhpI5naMMLJvcfkpREqA6Uwm6kgboGu:Ni0haJREqA6Uwm6XcD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c66a185a7898e66bf85beb68ad41ed745ab13beb733030cb74bccf75f102f78

Files

3c66a185a7898e66bf85beb68ad41ed745ab13beb733030cb74bccf75f102f78
.exe windows:5 windows x86 arch:x86

6e11570960c7df72826b6dd69a7570b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetLocaleInfoW
GlobalDeleteAtom
GetVersionExA
LoadLibraryA
GlobalFindAtomW
GetModuleHandleA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapFree
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
HeapSize
ExitProcess
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalAddAtomW
GlobalFlags
lstrcmpW
lstrlenA
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
CloseHandle
Sleep
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
LocalAlloc
LocalFree
GetCurrentThreadId
OutputDebugStringW
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary

user32

GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
IsIconic
PostMessageW
SetWindowLongW
IsWindow
GetDlgItem
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
GetKeyState
PeekMessageW
ValidateRect
RegisterWindowMessageW
SetForegroundWindow
SetWindowPos
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
DestroyMenu
GetWindowThreadProcessId
GetForegroundWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSysColorBrush
SetWindowTextW
GetWindowTextW
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor

advapi32

CryptHashData
CryptSignHashW
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextW
CryptCreateHash

crypt32

CertFreeCertificateContext
CertCreateCertificateContext

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetBkColor
SetTextColor
GetClipBox
SaveDC
RestoreDC
CreateBitmap
DeleteObject
SelectObject
DeleteDC
SetMapMode
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetViewportOrgEx

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

oleaut32

VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e11570960c7df72826b6dd69a7570b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

crypt32

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 234KB - Virtual size: 233KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 15KB - Virtual size: 30KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 234KB - Virtual size: 233KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 15KB - Virtual size: 30KB

.rsrc
Size: 1KB - Virtual size: 1KB