035f6da087c88ca918c22c53f780ee46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

035f6da087c88ca918c22c53f780ee46
Size

24KB
MD5

035f6da087c88ca918c22c53f780ee46
SHA1

d8dc68540cef20cb606dcbc9ebf3dc9831f6ff82
SHA256

e812da4cf92e20c4f9145a5b2edfe93ec5a14f0fd2f4b496650bf0d29f2346b0
SHA512

871da9a0c81757ddcffb6db2c99e2006a9f841e293646cc40b1135b75ab05617cac5a544ea9dacfd5ac1edd037878c15c4fa1abf39fa889e6aa4f15e1d37f69d
SSDEEP

192:G/T2z6inhglDUMhsxksiI63QQMBc9pgPNP1oyaYmHSC:G72z6inhglDUMhsxtix0c9I1JmHSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
035f6da087c88ca918c22c53f780ee46

Files

035f6da087c88ca918c22c53f780ee46
.exe windows:4 windows x86 arch:x86

5abbb05ff5d0a0563762c9b0d761f840

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CloseHandle
ReleaseMutex
GetLastError
CreateMutexA
SetLastError
Sleep
LoadLibraryW
CreateThread
GetCurrentDirectoryW
GetCommandLineW
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
lstrlenW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetStartupInfoA

user32

wsprintfW
PostQuitMessage
RegisterClassW
CreateWindowExW
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
ShowWindow

shell32

CommandLineToArgvW

msvcrt

_controlfp
_wcsicmp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
wcsstr
wcscpy
wcsrchr
_except_handler3
_exit
_XcptFilter
exit
_acmdln

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE