35f4a84f20be1d2ca2912466b4d93292

Sharing

Copy URL Twitter E-mail

General

Target

35f4a84f20be1d2ca2912466b4d93292
Size

592KB
MD5

35f4a84f20be1d2ca2912466b4d93292
SHA1

9aed3b1c2ff8e2de752c54b3d4aa1982d310605f
SHA256

e3edce319248271c9104109ddc0de6c584df2fe3f66d9947468080d217aa8cd1
SHA512

e7a9fb1c061b907cb4b90374abecd9be3453de5bd7ad725072f6d68d7ced29c5868f06b46d8444dcd6d701604dc23ec1211cb21ba3666dd92fa2e0cec6e06032
SSDEEP

12288:RifcR5mG3ZgIFvuVZUQ4QMcrdKQAKoorc84IAr2Gc9UPu0Ox1YswLIo:Ri+4Av0ZUQnvKQ1q72Gct0OjYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35f4a84f20be1d2ca2912466b4d93292

Files

35f4a84f20be1d2ca2912466b4d93292
.exe windows:5 windows x86 arch:x86

6ad27eae0f5a2923f015869a05cfb867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegDeleteValueW
RegQueryValueExW
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey

kernel32

lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
GetConsoleMode
RaiseException
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateFileW
CreateEventW
GlobalLock
WaitForMultipleObjects
FindNextFileA
ResetEvent
CompareStringA
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
SetHandleCount
GetPrivateProfileStringA
LoadLibraryExA
GetModuleFileNameA
InterlockedExchange
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetACP
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
lstrcmpiA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
CreateFileA
ExpandEnvironmentStringsA
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetExitCodeProcess
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetEnvironmentVariableA
RtlUnwind
VirtualAlloc
Sleep
VirtualFree
WriteFile
HeapCreate
SizeofResource
GetModuleHandleW
GetModuleFileNameW

oleaut32

SysFreeString
SysStringLen

user32

SetForegroundWindow
ClientToScreen
GetDlgItem
CreateWindowExA
GetSubMenu
SetWindowTextA
SetWindowLongA
ReleaseCapture
PostMessageA
GetWindowRect
GetSystemMetrics
SetCapture
EndPaint
SetTimer
GetFocus
RegisterClassA
EnableMenuItem
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetClientRect
SendMessageA
GetDC
DispatchMessageA
IsWindow
PostQuitMessage
MoveWindow
GetSysColor
IsWindowVisible
GetWindowLongA
wsprintfA
CallWindowProcA
ReleaseDC
SetCursor
InvalidateRect

ole32

CoTaskMemFree
CoCreateInstance

gdi32

CreateFontIndirectA
DeleteObject
DeleteDC
SetTextColor
CreateCompatibleDC
SelectObject
SetBkMode

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 560KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ad27eae0f5a2923f015869a05cfb867

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

user32

ole32

gdi32

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 560KB - Virtual size: 558KB

.rsrc Size: 4KB - Virtual size: 760B

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 560KB - Virtual size: 558KB

.rsrc
Size: 4KB - Virtual size: 760B