Static task: static1
Behavioral task: behavioral1
Sample: 35d509fd391a328efbc3997b087f16deff4034b8c91df5fc2f285eb76954d805.exe
Resource: win7-20231201-en
Behavioral task: behavioral2
Sample: 35d509fd391a328efbc3997b087f16deff4034b8c91df5fc2f285eb76954d805.exe
Resource: win10v2004-20231127-en
General
Target: 35d509fd391a328efbc3997b087f16deff4034b8c91df5fc2f285eb76954d805
Size: 3.5MB
MD5: 32dd6257ccccd472e3141d1df32896c8
SHA1: 675202bb6a79aa91fbf054b1468b1866f3203626
SHA256: 35d509fd391a328efbc3997b087f16deff4034b8c91df5fc2f285eb76954d805
SHA512: d2be97ef8c6a71265043fe0eff4b49df069db2b05e9a05091177bd33f6e59fba1e72c12ae43f9c81a1f3740c3187f1e3b409148bb63202abc441c1676a0ae03a
SSDEEP: 98304:5dkXoIbndmG6tfj4yMchYwrcmt9uPS2tKEkE/bcI6aMwQIud:5d7IbkZNhMPS2tGEjcIeIud
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature (no certificate table in the PE security data directory).
Processes:
resource 35d509fd391a328efbc3997b087f16deff4034b8c91df5fc2f285eb76954d805
Files
35d509fd391a328efbc3997b087f16deff4034b8c91df5fc2f285eb76954d805.exe windows:6 windows x86 arch:x86
674ef91dc666d3f383ae1229ee76de67
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDirectoryW
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
FormatMessageA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
FindClose
FindFirstFileA
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
GetVolumeInformationA
DuplicateHandle
lstrcmpiA
GetACP
GetTempPathA
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToSystemTime
GetTickCount64
GetProfileIntA
SearchPathA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryA
GetTempFileNameA
GetUserDefaultLCID
FindResourceExW
OutputDebugStringW
RaiseException
LCMapStringEx
GetStringTypeW
RtlUnwind
GetModuleHandleExW
GetStdHandle
CreateThread
ExitThread
FreeLibraryAndExitThread
VerifyVersionInfoA
GetCommandLineW
GetSystemInfo
VirtualAlloc
VirtualQuery
IsValidCodePage
QueryPerformanceFrequency
HeapQueryInformation
SetStdHandle
GetFileType
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
FindNextFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetTimeZoneInformation
CreateFileW
WriteConsoleW
MulDiv
LocalFree
GlobalSize
GlobalFree
GlobalUnlock
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
LoadLibraryW
GetModuleFileNameW
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
WaitForSingleObject
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
EncodePointer
lstrcpyA
VerSetConditionMask
GetCommandLineA
CopyFileA
SystemTimeToFileTime
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SetFilePointer
SetFileTime
WideCharToMultiByte
FindResourceW
CreateDirectoryA
GetProcessHeap
ExitProcess
DeleteCriticalSection
GetProcAddress
GetThreadContext
DecodePointer
HeapAlloc
LoadResource
CloseHandle
HeapReAlloc
Process32Next
DeleteFileA
LockResource
LoadLibraryA
GetCurrentThread
CreateFileA
GetLastError
Sleep
CreateToolhelp32Snapshot
HeapSize
GetModuleHandleA
FindResourceA
InitializeCriticalSectionEx
LeaveCriticalSection
WriteFile
EnterCriticalSection
HeapFree
Process32First
SizeofResource
GetFileSize
ReadFile
user32
ReleaseCapture
SetTimer
KillTimer
LoadMenuW
GetSystemMenu
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
SetCursorPos
SetRect
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuA
DestroyAcceleratorTable
SetClassLongA
GetUpdateRect
RealChildWindowFromPoint
WaitMessage
CopyAcceleratorTableA
GetNextDlgGroupItem
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
LoadAcceleratorsW
CreateAcceleratorTableA
UpdateLayeredWindow
GetKeyNameTextA
SubtractRect
RegisterClipboardFormatA
CharUpperBuffA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
FrameRect
IsClipboardFormatAvailable
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
DrawIcon
HideCaret
InvertRect
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
UnhookWindowsHookEx
GetTopWindow
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
SetCapture
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
GetClassNameA
InvalidateRect
UpdateWindow
EnumDisplayMonitors
GetMonitorInfoA
SystemParametersInfoA
LoadCursorW
LoadCursorA
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoA
DefWindowProcA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
MapDialogRect
GetWindow
SetWindowPos
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
MessageBoxA
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
DrawIconEx
GetParent
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetWindowRect
GetClientRect
RedrawWindow
SetWindowRgn
DrawStateA
GetSystemMetrics
GetFocus
DrawFrameControl
DrawEdge
RegisterWindowMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
SendMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
UnregisterClassA
GetDC
EnableWindow
wsprintfA
GetAsyncKeyState
GetMessageA
CharUpperA
IsZoomed
TrackMouseEvent
MonitorFromPoint
SetParent
CopyImage
LoadImageW
DestroyIcon
LoadImageA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IntersectRect
ReleaseDC
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetScrollPos
ClientToScreen
gdi32
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateEllipticRgn
CreateHatchBrush
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
Ellipse
DeleteDC
EnumFontsW
GetBkColor
GetTextColor
GetTextExtentPoint32A
PatBlt
ExtTextOutA
CreatePolygonRgn
Polyline
GetTextMetricsA
CopyMetaFileA
CreateDCA
GetDeviceCaps
CreateBitmap
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectA
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesA
GetStockObject
GetTextCharsetInfo
GetObjectA
SetBkColor
SetTextColor
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
PtVisible
RectVisible
RestoreDC
SetRectRgn
DPtoLP
RealizePalette
SelectClipRgn
Polygon
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceA
CombineRgn
SaveDC
msimg32
AlphaBlend
TransparentBlt
shlwapi
StrFormatKBSizeA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
uxtheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
GetThemeSysColor
DrawThemeParentBackground
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
IsAppThemed
CloseThemeData
OpenThemeData
gdiplus
GdipCreateFromHDC
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
shell32
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
DragQueryFileA
DragFinish
SHAppBarMessage
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoUninitialize
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoCreateGuid
CoCreateInstance
CoDisconnectObject
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CoInitialize
oleaut32
VariantChangeType
SysAllocStringByteLen
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadTypeLi
VariantClear
VariantCopy
VariantInit
SysStringLen
SysAllocStringLen
SysFreeString
VarBstrFromDate
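The import table above is what a sandbox turns into two things: an import hash (imphash) for clustering builds of the same code, and capability findings such as "enumerates processes" from API combinations. The following is an added example, not part of the report or of any sandbox's code. It implements the pefile-style imphash normalisation (lowercase `lib.func` pairs, `.dll`/`.ocx`/`.sys` stripped, joined by commas, MD5) and a small all-of rule matcher. The rule names, the `SAMPLE_IMPORTS` excerpt and the omission of ordinal-only imports are this example's assumptions; the hash listed in the Files section above is not asserted to be this imphash.

```python
"""Import-table triage over a constructed excerpt of a PE import table:
pefile-style imphash plus all-of capability rules. Added example, not
part of the sandbox report."""
import hashlib

# Constructed excerpt of the report's import table (DLL, [functions]),
# in import-directory order, which is the order imphash depends on.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", ["GetProcAddress", "LoadLibraryA", "VirtualProtect",
                      "GetThreadContext", "IsDebuggerPresent",
                      "CreateToolhelp32Snapshot", "Process32First",
                      "Process32Next", "CreateFileA", "WriteFile"]),
    ("ADVAPI32.dll", ["RegCreateKeyExA", "RegSetValueExA", "RegQueryValueExA"]),
    ("SHELL32.dll", ["ShellExecuteA"]),
    ("USER32.dll", ["MessageBoxA", "SetWindowsHookExA"]),
]

# Assumed rule set: a rule fires only when every listed API is imported.
RULES = {
    "enumerates running processes": {"CreateToolhelp32Snapshot",
                                     "Process32First", "Process32Next"},
    "checks for debugger": {"IsDebuggerPresent"},
    "resolves APIs at runtime": {"LoadLibraryA", "GetProcAddress"},
    "changes memory protection": {"VirtualProtect"},
    "reads thread context": {"GetThreadContext"},
    "launches programs via shell": {"ShellExecuteA"},
    "writes to registry": {"RegCreateKeyExA", "RegSetValueExA"},
}


def imphash_string(imports):
    """The string pefile hashes in get_imphash(): library name lowercased
    with .dll/.ocx/.sys stripped, function lowercased, 'lib.func' joined by
    commas in table order. Imports by ordinal (which pefile maps through
    per-DLL name tables) are not handled in this example."""
    parts = []
    for lib, funcs in imports:
        lib = lib.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if lib.endswith(ext):
                lib = lib[:-len(ext)]
                break
        parts.extend(f"{lib}.{func.lower()}" for func in funcs)
    return ",".join(parts)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


def match_rules(imports, rules=RULES):
    """Return the (sorted) names of rules whose APIs are all imported.
    Matching is case-insensitive so A/W suffix typos do not hide hits."""
    present = {func.lower() for _, funcs in imports for func in funcs}
    return sorted(name for name, apis in rules.items()
                  if all(api.lower() in present for api in apis))


if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for finding in match_rules(SAMPLE_IMPORTS):
        print("-", finding)
```

Treat the rule hits as leads, not verdicts: the kernel32 and user32 functions in this table are the ones any MSVC-built GUI application pulls in through its runtime (the CRT itself imports `IsDebuggerPresent` for its error-reporting path), so a "checks for debugger" hit on its own says little. Imphash is useful for pivoting between samples that share a build, but it changes whenever the import order changes, so a recompiled or repacked variant will not match.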
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 319KB - Virtual size: 319KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
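The header facts in this report (file characteristics, DLL characteristics, section flags and the "Unsigned PE" signature) all come from a few fixed offsets in the PE headers. The following is an added example, not part of the report or of any sandbox's code: it builds a constructed PE32 header-only image with the same flags as the sample above, parses it back without third-party libraries, and derives the kind of findings a sandbox lists. The Authenticode check is the same one the signature describes: an empty security data directory (index 4) means no certificate table is attached. The `build_sample_pe`, `parse_pe` and `triage` names and the triage heuristics are this example's own.

```python
"""Header-level PE triage over a constructed PE32 image: DLL
characteristics, section flags and the Authenticode certificate-table
check. Added example, not part of the sandbox report."""
import struct

# Flag values from the PE/COFF specification.
FILE_CHARS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
              0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARS = {0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
             0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
             0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SCN_CHARS = {0x00000020: "IMAGE_SCN_CNT_CODE",
             0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
             0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
             0x20000000: "IMAGE_SCN_MEM_EXECUTE",
             0x40000000: "IMAGE_SCN_MEM_READ",
             0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: Authenticode certificate table
SECTION_HDR = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def names(value, table):
    """Flag names set in value, in ascending bit order."""
    return [n for bit, n in sorted(table.items()) if value & bit]


def build_sample_pe(dll_chars, cert_size, sections):
    """Constructed image: DOS header, PE signature, COFF header, PE32
    optional header and section table; no section bodies, no real code."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)                     # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR,            # certificate table
                     0x1000 if cert_size else 0, cert_size)
    table = b"".join(struct.pack(SECTION_HDR, name.encode().ljust(8, b"\0"),
                                 vsize, 0x1000, rsize, 0x400, 0, 0, 0, 0, flags)
                     for name, vsize, rsize, flags in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


def parse_pe(data):
    """Read the headers a static report summarises; PE32 only."""
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, = struct.unpack_from("<H", data, opt)
    if magic != 0x10B:
        raise ValueError("only PE32 is handled in this example")
    dll_chars, = struct.unpack_from("<H", data, opt + 70)
    ndirs, = struct.unpack_from("<I", data, opt + 92)
    cert_size = 0
    if ndirs > SECURITY_DIR:  # directory may be truncated in hand-made images
        _, cert_size = struct.unpack_from("<II", data, opt + 96 + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        name, vsize, _, rsize, _, _, _, _, _, flags = struct.unpack_from(SECTION_HDR, data, off)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": rsize, "flags": names(flags, SCN_CHARS)})
    return {"machine": machine, "file_characteristics": names(fchars, FILE_CHARS),
            "dll_characteristics": names(dll_chars, DLL_CHARS),
            "has_certificate_table": cert_size > 0, "sections": sections}


def triage(info):
    """Header-only findings in the style of a sandbox signature list."""
    findings = []
    if not info["has_certificate_table"]:
        findings.append("Unsigned PE: no Authenticode certificate table")
    dc = info["dll_characteristics"]
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dc:
        findings.append("ASLR disabled: DYNAMIC_BASE not set")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dc:
        findings.append("DEP opt-out: NX_COMPAT not set")
    for s in info["sections"]:
        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]:
            findings.append(f"W+X section {s['name']}")
        # Executable section far larger in memory than on disk: unpacking stub?
        if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and s["virtual_size"] > 2 * max(s["raw_size"], 1):
            findings.append(f"section {s['name']} expands in memory")
    return findings


# Same flags as the report's sample; sizes approximate the .text/.data lines.
SAMPLE = build_sample_pe(
    dll_chars=0x0040 | 0x0100 | 0x8000,   # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
    cert_size=0,                           # no certificate table -> "Unsigned PE"
    sections=[(".text", 0x180000, 0x180000, 0x60000020),    # code, R+X
              (".data", 0x9C00, 0x5800, 0xC0000040)])       # data, R+W (virtual > raw is BSS)


def example():
    info = parse_pe(SAMPLE)
    return info, triage(info)


if __name__ == "__main__":
    info, findings = example()
    print(info["dll_characteristics"], info["file_characteristics"])
    print(findings)
```

A non-empty certificate table only means a blob is attached; whether it is a valid, trusted, unrevoked signature is a separate check (`Get-AuthenticodeSignature` or `signtool verify /pa` on Windows). Conversely, "Unsigned PE" is weak evidence on its own: the sample has ASLR, DEP and a normal R+X/R+W section layout, and plenty of legitimate software ships unsigned, so the finding is a reason to look further rather than a verdict.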