34c0ec636005206cab0508c57b7a1720

Sharing

Copy URL Twitter E-mail

General

Target

34c0ec636005206cab0508c57b7a1720
Size

137KB
MD5

34c0ec636005206cab0508c57b7a1720
SHA1

190f279692c1d2a3a6f2694f9770753d04126ca8
SHA256

dbac554193548f601f0421bf4e3f8f5c4dfcf997376328c799a7b7cd146190ad
SHA512

5c68811262626e54a66a2edcd3cc9bfbf601d8cca4073dc12e6f13244829a73f9a8e1d331b62eaccf211d40d3057ed260125fda46180c42842728522e2f2f3a5
SSDEEP

3072:T8hHRslTnH/bHcvuz+LVg3tffLY7kpbLIAssR1kOXaYYJ:T8hkrzEuiLVg3tHc4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34c0ec636005206cab0508c57b7a1720

Files

34c0ec636005206cab0508c57b7a1720
.exe windows:5 windows x86 arch:x86

42f119ea7dd2992ed3d89c4765891db9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
DeleteCriticalSection
GetModuleHandleA
FreeLibrary
LoadLibraryA
WaitForSingleObject
CreateProcessA
CreateThread
GlobalUnlock
GlobalLock
GetThreadLocale
lstrcpynA
ReadFile
SetFilePointer
LocalLock
GetProcAddress
GetCurrentDirectoryA
SetCurrentDirectoryA
GetExitCodeProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
FindNextFileA
LocalHandle
LocalUnlock
LocalFree
CopyFileA
SetFileTime
FindFirstFileA
FindClose
GetFileSize
GetFileTime
SetFileAttributesA
GetFileAttributesA
WideCharToMultiByte
GetACP
MultiByteToWideChar
IsDBCSLeadByte
Sleep
GetLastError
FlushFileBuffers
ExitProcess
GlobalHandle
OutputDebugStringA
GetStartupInfoA
GetTickCount
GetTempPathA
GetTempFileNameA
MulDiv
GetFullPathNameA
CreateFileA
WriteFile
CloseHandle
lstrcmpiA
CompareFileTime
GlobalAlloc
lstrcatA
GlobalFree
lstrlenA
lstrcpyA
lstrcmpA
DeleteFileA
GetStdHandle

msvcrt

strtok
_snprintf
strstr
calloc
system
_ltoa
exit
isalpha
_fullpath
memmove
wcspbrk
wcslen
_stricmp
_mkdir
malloc
strcspn
strncmp
_strdup
toupper
islower
strchr
atoi
wcsncpy
isspace
isdigit
_getcwd
free
strncat
_strnicmp
strpbrk
_c_exit
_exit
_XcptFilter
_cexit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA

gdi32

GetStockObject
Rectangle
SelectObject
LineTo
MoveToEx
CreateSolidBrush
CreatePen
CreateFontA
GetTextMetricsA
SetBkColor
GetDeviceCaps
GetTextExtentPointA
ExtTextOutA
SetTextColor
EndPage
StartPage
DeleteDC
EndDoc
AbortDoc
StartDocA
SetAbortProc
ExtTextOutW
GetTextExtentPoint32A
GetTextExtentPoint32W
SetROP2
DeleteObject

user32

CreateDialogParamA
IsDialogMessageA
GetKeyState
ScrollWindow
ValidateRect
SetScrollRange
SetScrollPos
SetScrollInfo
DrawFocusRect
SetWindowLongA
PtInRect
RedrawWindow
ReleaseCapture
GetParent
SetCapture
DrawTextA
GetFocus
GetWindowLongA
ScreenToClient
ReleaseDC
SendMessageA
FillRect
GetClientRect
GetDC
MessageBoxA
EndPaint
BeginPaint
DefWindowProcA
RegisterClassA
LoadCursorA
wsprintfA
SetCursor
SetDlgItemTextA
CheckDlgButton
EndDialog
GetDlgItemTextA
SendDlgItemMessageA
CheckRadioButton
ShowWindow
CharLowerBuffA
EnableWindow
GetDlgItem
IsDlgButtonChecked
DialogBoxParamA
CharNextA
CharPrevA
GetSysColor
AttachThreadInput
GetDesktopWindow
RegisterWindowMessageA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
PeekMessageA
MoveWindow
LoadStringA
SetWindowPlacement
GetWindowPlacement
PostMessageA
DestroyMenu
TrackPopupMenu
ClientToScreen
EnableMenuItem
GetSubMenu
LoadMenuA
InvalidateRect
GetMenu
SetWindowTextA
InvertRect
GetCursorPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
LoadIconA
DestroyWindow
SystemParametersInfoA
CheckMenuItem
PostQuitMessage
WinHelpA
SetFocus
UpdateWindow
CreateWindowExA
LoadAcceleratorsA
GetMessageA

comdlg32

GetOpenFileNameA
PrintDlgA
ChooseFontA

shell32

ShellAboutA

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42f119ea7dd2992ed3d89c4765891db9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

gdi32

user32

comdlg32

shell32

Sections

.text Size: 97KB - Virtual size: 96KB

.data Size: 1024B - Virtual size: 7KB

.tls Size: 16KB - Virtual size: 16KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 97KB - Virtual size: 96KB

.data
Size: 1024B - Virtual size: 7KB

.tls
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 21KB - Virtual size: 21KB