35d6a245f016b09ec5f5a7146d0e0a5d

Sharing

Copy URL Twitter E-mail

General

Target

35d6a245f016b09ec5f5a7146d0e0a5d
Size

173KB
MD5

35d6a245f016b09ec5f5a7146d0e0a5d
SHA1

e10786afe8d59f85aa707a3693806bf7c4ac72be
SHA256

3a758d340226e6be591bd6d847f4c99d9373121785dd15e4741781a32bc71d0a
SHA512

f1b54ca2b97156f38f454d1a1fb99fcf7b6bf620f914b02d5c2e45df6fb543a8ab662bb34fd2d8dc0a07b810494dbd2d9f4571448b250ae5aa0f9f5d6c35996f
SSDEEP

1536:ZAnsUFInJkFBin4TQN2LsCnA3hvsHpgijm7Dsb2CgDbql2:ZKsUWd48kLsCnA3hvsJgpPsb+Db02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d6a245f016b09ec5f5a7146d0e0a5d

Files

35d6a245f016b09ec5f5a7146d0e0a5d
.exe windows:1 windows x86 arch:x86

2b4c7906011e9078a3cae63473d44cad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetLastError
lstrcmpiW
GetLastError
InterlockedDecrement
LeaveCriticalSection
WriteFile
InterlockedIncrement
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
HeapFree
VirtualAlloc
LocalAlloc
GetProcessHeap
Sleep
InterlockedIncrement
EnterCriticalSection
SetLastError
GetCommandLineW
HeapAlloc
GetACP
VirtualAlloc
CloseHandle
WaitForSingleObject
GetProcessHeap
GetModuleHandleW
GetProcAddress
QueryPerformanceCounter
SetFilePointer
EnterCriticalSection
GetCommandLineA
SetUnhandledExceptionFilter
LeaveCriticalSection
GetModuleHandleA
WriteFile
GetProcAddress

user32

GetWindowLongW
GetSystemMenu
CopyRect
KillTimer
DestroyIcon
GetSubMenu
CharNextW
GetSystemMetrics
IsWindow
GetDC
UpdateWindow
MoveWindow
IsWindowVisible
DestroyMenu
InvalidateRect
RegisterClassExW
wsprintfA
MoveWindow
RegisterClassExW
ShowWindow
MessageBoxA
MessageBoxA
GetKeyState
IsWindow

advapi32

InitializeSecurityDescriptor
RegEnumValueW
OpenProcessToken
RegQueryInfoKeyW
AllocateAndInitializeSid
RegCreateKeyExA
RegCloseKey
SetSecurityDescriptorDacl
RegCreateKeyExW
RegDeleteKeyW
CloseServiceHandle
AdjustTokenPrivileges
SetSecurityDescriptorDacl
RegCreateKeyExA
RegDeleteValueW
RegDeleteValueW

gdi32

SelectObject
DeleteDC
GetTextMetricsW
LineTo
CreateBitmap
GetTextMetricsW
CreateBitmap
ExtTextOutW
StretchBlt
MoveToEx
GetStockObject
GetDeviceCaps
CreateCompatibleDC
ExtTextOutW
SetBkMode
SetBkMode
PatBlt
StretchBlt

Sections

Size: 141KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b4c7906011e9078a3cae63473d44cad

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

Size: 141KB - Virtual size: 156KB

Size: 2KB - Virtual size: 4KB

Size: 8KB - Virtual size: 7KB

Size: 1024B - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB