34d46ecfb94f3ffab5ffe82c7b829f0f

Sharing

Copy URL Twitter E-mail

General

Target

34d46ecfb94f3ffab5ffe82c7b829f0f
Size

110KB
MD5

34d46ecfb94f3ffab5ffe82c7b829f0f
SHA1

8d32c1ffdb43386e89837f98d3a5921eb2585792
SHA256

7dfb15f0d97d7ef605936a7dd419735f30b43b32b943a9b081cae3a79094e344
SHA512

78c21db60a1708e4b83a6ee110f97f664ebfbadc024c97eb0b80ed4850a9eb49b52adea267a6eb530f4df64dec322aea29f8885b06196439b3f285e531fe3d3d
SSDEEP

1536:jdezQ4l2Qxcdn++X/t3lUzfLH3SR1MnEgfglWN/tkXvevUBUmwwy:Rebl2Qxcx/XUzW1MnEJle/ESrmM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34d46ecfb94f3ffab5ffe82c7b829f0f

Files

34d46ecfb94f3ffab5ffe82c7b829f0f
.exe windows:4 windows x86 arch:x86

806b56e08a2326f131db86ab3748561c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA
RegQueryInfoKeyA
RegEnumKeyExA
GetLengthSid

kernel32

GetCommandLineA
GetModuleHandleA
VirtualAllocEx
ExitProcess
LoadLibraryExA

comdlg32

FindTextA

ole32

GetHGlobalFromStream
CoCreateInstanceEx
StgOpenStorage
CoUnmarshalInterface
MkParseDisplayName
CoReleaseMarshalData
StringFromIID
CoCreateFreeThreadedMarshaler

shlwapi

SHQueryInfoKeyA
SHGetValueA
PathGetCharTypeA

version

VerQueryValueA
VerInstallFileA
GetFileVersionInfoA

shell32

DragQueryFileA
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetFolderPathA
SHGetFileInfoA

user32

GetSysColor
GetMenu
GetCursor
GetKeyNameTextA
GetKeyState
GetCapture
DrawIcon
SetCursor
BeginPaint
GetPropA
GetIconInfo
SetWindowTextA
CreateWindowExA
GetDlgItem
EnableWindow
CharNextA
CallNextHookEx
DrawMenuBar
GetScrollInfo
CharToOemA
GetWindow
EnableScrollBar
CheckMenuItem
GetFocus
GetSysColorBrush
GetDC
GetSubMenu
CharLowerA
FrameRect
GetMenuStringA
GetWindowTextA
GetClassLongA
DrawEdge
EqualRect
CreateIcon
RegisterClassA
GetMenuItemCount
IsWindowVisible
EnableMenuItem
FillRect
GetCursorPos
EndPaint
SystemParametersInfoA
FindWindowA
CreatePopupMenu
GetMenuItemInfoA
GetDesktopWindow
IsChild
DispatchMessageA
GetScrollRange
EnumThreadWindows
GetMenuItemID
MessageBoxA
GetActiveWindow
DrawFrameControl
EnumWindows
IsDialogMessageA
TrackPopupMenu
DispatchMessageW
GetClipboardData
GetScrollPos
DefMDIChildProcA
DefWindowProcA
GetParent
BeginDeferWindowPos
DrawIconEx
EndDeferWindowPos

gdi32

BitBlt
CreateBrushIndirect
GetDCOrgEx
LineTo
CreatePenIndirect

msvcrt

wcschr
exp
tolower
memcpy
memmove
strncmp
_acmdln
log10

comctl32

ImageList_DragShowNolock
ImageList_Create
ImageList_Write
ImageList_Destroy
ImageList_Read
ImageList_Draw
ImageList_Remove
ImageList_DrawEx

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

806b56e08a2326f131db86ab3748561c

Headers

File Characteristics

Imports

advapi32

kernel32

comdlg32

ole32

shlwapi

version

shell32

user32

gdi32

msvcrt

comctl32

Sections

.text Size: 48KB - Virtual size: 48KB

.bss Size: 3KB - Virtual size: 3KB

.idata Size: 57KB - Virtual size: 57KB

.text
Size: 48KB - Virtual size: 48KB

.bss
Size: 3KB - Virtual size: 3KB

.idata
Size: 57KB - Virtual size: 57KB