035d5c1d53d400bac783e63ef96181eb

Sharing

Copy URL

Twitter E-mail

General

Target

035d5c1d53d400bac783e63ef96181eb
Size

152KB
MD5

035d5c1d53d400bac783e63ef96181eb
SHA1

1760719da4dc3ed0556cdd75c46ebdeee5c290c2
SHA256

10441b631a55141aba9a72eb1d9eff22a88d67d4f516b4be584ae8e481883c3f
SHA512

58f0c410de6bff91a65b13fbd6449d19c6b755d11b8f03eed9a06c803c9ee29664b1bdbdbe1a0e4a5478af0dc7665143e5ee5494ae23744986a333db1f554c1d
SSDEEP

3072:J2adneV1T1KgWcKpYj3T9KPT/eotiHQ3zhL77:gl11LWXpYjT9KPFIHQ3zd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
035d5c1d53d400bac783e63ef96181eb

Files

035d5c1d53d400bac783e63ef96181eb
.exe windows:4 windows x86 arch:x86

639dd861e69d7d97aef327771eb96b82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

comdlg32

FindTextA
GetFileTitleA

gdi32

GetDIBColorTable
CreatePenIndirect
BitBlt
CreateFontIndirectA

ole32

StgCreateDocfileOnILockBytes
CoCreateGuid
OleRegGetUserType
CoRevokeClassObject
CoGetObjectContext
CoUninitialize
CoCreateInstanceEx
ReleaseStgMedium
OleRun
CoRegisterClassObject

msvcrt

acos
wcscspn
exp
tolower
memset
swprintf
srand

oleaut32

OleLoadPicture
SafeArrayGetElement
SafeArrayUnaccessData
GetErrorInfo

shlwapi

SHDeleteValueA
SHSetValueA
PathIsDirectoryA
SHDeleteKeyA
SHGetValueA
PathGetCharTypeA
SHStrDupA
SHEnumValueA
SHQueryInfoKeyA

user32

GetMenuState
GetKeyboardState
GetParent
GetSysColorBrush
GetKeyState
GetScrollRange
GetKeyNameTextA
GetWindowDC
GetWindowLongW
GetMenuItemID
GetKeyboardLayout
GetMenuStringA
GetWindowLongA
GetKeyboardLayoutList
GetIconInfo
GetLastActivePopup
GetScrollInfo
GetMenuItemInfoA
GetKeyboardLayoutNameA
GetScrollPos
GetSysColor
GetMenu
GetSubMenu
GetKeyboardType
GetSystemMenu
GetMenuItemCount
GetTopWindow
GetWindow
GetMessagePos
GetPropA

shell32

DragQueryFileA

comctl32

ImageList_DrawEx
ImageList_DragShowNolock

advapi32

RegOpenKeyA
GetLengthSid

kernel32

GetOEMCP
IsBadHugeReadPtr
GetModuleHandleA
VirtualAllocEx
lstrlenA
GetCommandLineW
IsBadReadPtr
GetModuleHandleW
LoadLibraryExA
GetProcAddress
LoadLibraryA
ExitThread
ExitProcess

Sections

CODE
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

639dd861e69d7d97aef327771eb96b82

Headers

File Characteristics

Imports

version

comdlg32

gdi32

ole32

msvcrt

oleaut32

shlwapi

user32

shell32

comctl32

advapi32

kernel32

Sections

CODE Size: 108KB - Virtual size: 106KB

.rdata Size: 4KB - Virtual size: 542B

.data Size: 4KB - Virtual size: 967B

DATA Size: 4KB - Virtual size: 2KB

.bdata Size: 8KB - Virtual size: 7KB

.adata Size: 8KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 8KB

CODE
Size: 108KB - Virtual size: 106KB

.rdata
Size: 4KB - Virtual size: 542B

.data
Size: 4KB - Virtual size: 967B

DATA
Size: 4KB - Virtual size: 2KB

.bdata
Size: 8KB - Virtual size: 7KB

.adata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 8KB