335020434f2876e2f187b291cc317209

Sharing

Copy URL Twitter E-mail

General

Target

335020434f2876e2f187b291cc317209
Size

124KB
MD5

335020434f2876e2f187b291cc317209
SHA1

b68c6d21d95a05706c0161437d2804ff67b0759b
SHA256

dd9878a6f0551e09940f0436277d33ec642af8171ebbd63b751450795eb60d5d
SHA512

5cfa6851e136ad0e9dcf2b266365dd1447d7c7ac701c5caebfa2c2ac73ea7e62352742ca905762f719107ffdd36591d9d7150aa54aa768a31c2cf8a650deb8d5
SSDEEP

1536:05e0OvPIhrTs5995S+UZ3fsZYPNWzgOhQzqS/zA0fqfheraFrA/LoyBO5LWF+7og:OeDXIJ+TSJZ3UyVgS7G5Tc/Kt7o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
335020434f2876e2f187b291cc317209

Files

335020434f2876e2f187b291cc317209
.exe windows:5 windows x86 arch:x86

6bf96750624d8a42c78045a0d03315ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrDupW
PathMakePrettyW

kernel32

InterlockedExchange
GetSystemDefaultLangID
GetShortPathNameW
QueryPerformanceCounter
OpenFileMappingW
MoveFileW
GetWindowsDirectoryA
InterlockedExchangeAdd
GetCurrentProcessId
lstrcmpiW
ExitProcess

comctl32

ImageList_GetIcon
DestroyPropertySheetPage
ImageList_Remove

user32

GetWindowDC
GetSubMenu
RegisterClassA
FindWindowExW
GetKeyState
SetCursor
GetMessageTime
GetParent
InsertMenuItemW
LoadStringW
IsCharAlphaA
SetWindowTextA

ntdll

_stricmp
memset

gdi32

CreateRectRgnIndirect
RealizePalette
ExcludeClipRect
PtInRegion
GetObjectW

Exports

Exports

?Btvmjm_qxmSC@@YGPADI@Z
?aphkOBDTHIJFg__nzt__@@YGKM@Z
?gpJ___PNVDYR@@YGGMH@Z
?J_IMlg_i__@@YGPAEM@Z
?ZN__L_E_U__KOcw__ev_@@YGPANNPAF@Z
?_Ktd_ui@@YGPAXHE@Z

Sections

.code
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 395B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bf96750624d8a42c78045a0d03315ca

Headers

File Characteristics

Imports

shlwapi

kernel32

comctl32

user32

ntdll

gdi32

Exports

Exports

Sections

.code Size: 23KB - Virtual size: 22KB

.data Size: 15KB - Virtual size: 346KB

.rdata Size: 75KB - Virtual size: 75KB

.import Size: 1024B - Virtual size: 990B

.edata Size: 512B - Virtual size: 395B

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.code
Size: 23KB - Virtual size: 22KB

.data
Size: 15KB - Virtual size: 346KB

.rdata
Size: 75KB - Virtual size: 75KB

.import
Size: 1024B - Virtual size: 990B

.edata
Size: 512B - Virtual size: 395B

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB