3ecd80855ef2ec7f4d9f9838f559b313288b4e6d383db36376e6b511d5c32b02

Sharing

Copy URL

Twitter E-mail

General

Target

3ecd80855ef2ec7f4d9f9838f559b313288b4e6d383db36376e6b511d5c32b02
Size

313KB
MD5

071ecd80e4b4a3cb17ffbe0f49c36c40
SHA1

4a48e8d46444b7ee0f8821ab810c62af69f243f1
SHA256

3ecd80855ef2ec7f4d9f9838f559b313288b4e6d383db36376e6b511d5c32b02
SHA512

142e20fe7b78713580660f090ed5fd39121e702b2891fc40e5e540bf3b4e72ef9ac4e2c3bec8a3d3c21aefb4de4e43be79a7580452351fb788d676f403a4cd5a
SSDEEP

6144:pCUYVZ1ktxr13KG8uyfHej7pbWcqkEfsgRsRXmYHjQd+MJkBDUHYDMb:IzepUfHej7FW9xs7jQ7mY4U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ecd80855ef2ec7f4d9f9838f559b313288b4e6d383db36376e6b511d5c32b02

Files

3ecd80855ef2ec7f4d9f9838f559b313288b4e6d383db36376e6b511d5c32b02
.exe windows:5 windows x86 arch:x86

21b220fa09b89e85d3d710fae6beb6ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

shell32

SHGetFolderPathA

user32

MessageBoxA
GetSystemMetrics

advapi32

RegOpenKeyExA
SetSecurityDescriptorDacl
RegCloseKey
RegSetValueExA
ImpersonateSelf
RevertToSelf
RegQueryValueExA
InitializeSecurityDescriptor

oleaut32

SysAllocStringByteLen
SysFreeString

kernel32

IsBadCodePtr
TlsSetValue
lstrcmpiA
SetEndOfFile
FreeLibrary
SetUnhandledExceptionFilter
TryEnterCriticalSection
DeleteCriticalSection
WriteFile
VirtualQuery
HeapSize
SetHandleCount
FormatMessageA
SetStdHandle
CreateDirectoryA
OutputDebugStringA
HeapDestroy
GetCommandLineA
LeaveCriticalSection
RtlUnwind
VirtualAlloc
FreeEnvironmentStringsA
HeapAlloc
GetCurrentDirectoryA
LocalFree
GetUserDefaultLCID
ReadFile
IsValidLocale
TlsAlloc
GetLocalTime
GetOEMCP
WideCharToMultiByte
VirtualProtect
CloseHandle
FreeEnvironmentStringsW
SetFilePointer
LoadLibraryExA
TlsGetValue
WaitForSingleObject
GetCurrentThreadId
HeapFree
CreateMutexA
SetLastError
TlsFree
EnterCriticalSection
GetSystemInfo
HeapReAlloc
GetSystemTimeAsFileTime
DeleteFileA
ReleaseMutex
IsValidCodePage
GetFileType
UnhandledExceptionFilter
RaiseException
CreateFileA
GetStdHandle
TerminateThread
LCMapStringA
GetModuleHandleA
GetACP
FlushFileBuffers
VirtualFree
LCMapStringW
EnumSystemLocalesA
VirtualAllocEx

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
FlatSB_EnableScrollBar
FlatSB_GetScrollPos
ImageList_ReplaceIcon
CreateStatusWindowW
ImageList_Remove
ImageList_Write
FlatSB_GetScrollInfo
ImageList_Destroy
FlatSB_SetScrollRange

tsbyuv

DriverProc

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 993KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21b220fa09b89e85d3d710fae6beb6ff

Headers

File Characteristics

Imports

rpcrt4

ole32

shell32

user32

advapi32

oleaut32

kernel32

comctl32

tsbyuv

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 282KB - Virtual size: 993KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 282KB - Virtual size: 993KB

.rsrc
Size: 6KB - Virtual size: 5KB