35822ca1c0d0e63e1adb1c8a3cdda3f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35822ca1c0d0e63e1adb1c8a3cdda3f9
Size

95KB
MD5

35822ca1c0d0e63e1adb1c8a3cdda3f9
SHA1

f38a835e23f86851902bba90f564e9e7fc4cdd35
SHA256

bf1fed16a5ee70be0f0c16092708e855b160fc6c3a46db6f9c30d4b127c4bdc7
SHA512

5940c3a641309dbccdd2ad85f3c4a1036297c1f5bba6d743f300623a590172e943655ad8f5c80e570099402b13e803a562eb224353a52b33520ad5d4d24c3ff0
SSDEEP

1536:xYBADjILD3L+bQ+T1vYm+KkhMMMRvQOVGKXY2L2a65UeLN13HwangaNbifOM3lV6:xgAO3jSx1LMMpQOXXYS2cE1XwangaSVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35822ca1c0d0e63e1adb1c8a3cdda3f9

Files

35822ca1c0d0e63e1adb1c8a3cdda3f9
.dll windows:4 windows x86 arch:x86

24d87a6791c12cac1a776d702f4e76d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalDeleteAtom
GlobalHandle
GlobalLock
HeapAlloc
HeapCreate
IsBadReadPtr
LCMapStringW
LocalAlloc
ReadFile
SetEndOfFile
WideCharToMultiByte
lstrcmpiA
lstrcpyA
lstrcpynA

user32

CharUpperA
DefWindowProcA
DrawIcon
GetClassInfoExA
GetForegroundWindow
GetMenuCheckMarkDimensions
GetMenuState
GetNextDlgTabItem
GetParent
GetScrollPos
GetWindowLongA
GetWindowTextA
GetWindowTextLengthA
GrayStringA
KillTimer
PeekMessageA
SetRect
SetWindowContextHelpId
ShowWindow

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ