35cc48f4aef87ce4fa990f9dea68d32e

Sharing

Copy URL Twitter E-mail

General

Target

35cc48f4aef87ce4fa990f9dea68d32e
Size

11.6MB
MD5

35cc48f4aef87ce4fa990f9dea68d32e
SHA1

5b013235bf64b771fa442f3f99036cc41926b9ae
SHA256

717e48e1d2031f6a6981af78bf0682780d536ad6a3f86979fff0544f971f6d4d
SHA512

8cf8ef1fe79a0c01fa6a4f09caee9bf80778085bd8dddc1701614df70908c9bbb29c5008f1c5443a33b341e2c8acbaba9a5a6b22a760973aff62a4747280b812
SSDEEP

196608:3nmc/lUK/k1uVSJhW58dSuU9paYa1I7gObZOygmMG4av:3xOKzYJhWYa9gJIUggXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35cc48f4aef87ce4fa990f9dea68d32e

Files

35cc48f4aef87ce4fa990f9dea68d32e
.exe windows:4 windows x86 arch:x86

5f8089647dd483967304811ca51b444b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
GetLastError
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
GetShortPathNameA
GetWindowsDirectoryA
GetEnvironmentVariableA
ReadFile
DeleteFileA
GetCurrentProcess
WaitForSingleObject
GetSystemInfo
SetFilePointer
GetTempPathA
LocalFree
GetTickCount
GetCurrentProcessId
GetSystemDirectoryA
GetUserDefaultLangID
LockResource
MoveFileA
ExitProcess
LocalAlloc
FormatMessageA
CreateDirectoryA
CompareStringW
CompareStringA
SetStdHandle
FlushFileBuffers
LCMapStringW
GetExitCodeProcess
CreateFileA
WriteFile
CloseHandle
lstrcmpA
lstrlenA
lstrcpyA
lstrcpynA
lstrcatA
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
InterlockedExchange
GetThreadLocale
GetLocaleInfoA
GetACP
LCMapStringA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetTimeZoneInformation
GetCPInfo
GetOEMCP
HeapSize
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
HeapFree
RtlUnwind
TerminateProcess
HeapAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
SetEnvironmentVariableA

user32

GetDesktopWindow
CharNextA
LoadStringA
MessageBoxA
wsprintfA

advapi32

RegEnumKeyA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance

oleaut32

VarUI4FromStr

version

VerQueryValueA
GetFileVersionInfoA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16.0MB - Virtual size: 15.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f8089647dd483967304811ca51b444b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

version

wininet

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 16.0MB - Virtual size: 15.9MB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 16.0MB - Virtual size: 15.9MB