35d5c3cf47b2f67c956fb688f61ba63b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35d5c3cf47b2f67c956fb688f61ba63b
Size

62KB
MD5

35d5c3cf47b2f67c956fb688f61ba63b
SHA1

a1855f7fbc17a739e50121324bf2a080bca0bfe5
SHA256

28b1e5105af37717c0a43872e9c37695d45c858032f2d9115a6a8bcf8f7288c9
SHA512

5718b47ab5660d602db9886e150031fb06ec586f876715e4b44342de562079ca275d4887988f908736a41628ca69db5dd380c159ede78e3e164e390f3caed8d7
SSDEEP

1536:A+leAbekJQ2dfh+6TE7MWfDy3G/FzcKXTlOAEC:j3i6pJTE7pMGdgKXTEO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d5c3cf47b2f67c956fb688f61ba63b

Files

35d5c3cf47b2f67c956fb688f61ba63b
.exe windows:4 windows x86 arch:x86

9ca6e472f647176f874af9ff56886a60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
CancelIo
GetStartupInfoA
CloseHandle
GetEnvironmentVariableA
VirtualQuery
HeapCreate
GetVolumePathNameA
CloseHandle
GetTimeFormatA
TlsGetValue
FindResourceW
GetCommandLineA
HeapDestroy
GetModuleHandleA
Sleep
ResetEvent
GetCommandLineA
lstrlenA
CreateEventA

user32

GetClassInfoA
CreateIcon
DestroyMenu
CallWindowProcA
DrawTextW
GetWindowLongA
GetSysColor
FindWindowA
IsWindow
PeekMessageA
DispatchMessageA
DispatchMessageA
IsZoomed

psbase

SPDeleteSubtype
SPDeleteSubtype
SPDeleteSubtype
SPDeleteSubtype

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wxxpxkt
Size: - Virtual size: 130KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE