135b4e981782f779bb57be420e17bd38

Sharing

Copy URL Twitter E-mail

General

Target

135b4e981782f779bb57be420e17bd38
Size

112KB
MD5

135b4e981782f779bb57be420e17bd38
SHA1

2fad55a5e99a7aaf7d244887ce07bd7988879ff3
SHA256

730f376fc3e1dfc1d3dd8f09cd25fe0a1e6c143c632ef642144da4d976287390
SHA512

89760d2ed21612232e2f51d3c5148d7d5dafa2f5bf8887c54b95db0b76f2d834ed2e257372045e533964a0a60080245cf48bfbcd90f5f086cdd246c97b2ec257
SSDEEP

3072:aSX0S+D46vVnSAtEejXae/qQHY5JIbihgRcslzPncez71q:a9S24ASteXaeCQHNbPKmPnF9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
135b4e981782f779bb57be420e17bd38

Files

135b4e981782f779bb57be420e17bd38
.exe windows:4 windows x86 arch:x86

fcd116a47382448eae9f00d618a9513b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
WSAUnhookBlockingHook
WSCDeinstallProvider
socket
htons
WSAGetLastError
connect
closesocket

winmm

PlaySoundW
WOW32DriverCallback
midiInStart
waveOutUnprepareHeader
waveOutRestart
waveInStart
waveInGetDevCapsA
timeKillEvent
timeBeginPeriod
mod32Message
mmioInstallIOProcA
midiOutSetVolume

ole32

PropVariantClear
IsEqualGUID

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

BuildExplicitAccessWithNameW
SetUserFileEncryptionKey
SetSecurityDescriptorDacl
RegisterEventSourceA
RegQueryValueExA
OpenTraceW
LsaSetInformationTrustedDomain
LsaRemoveAccountRights
LookupPrivilegeNameW
I_ScSetServiceBitsA
GetTrusteeNameW
GetSecurityDescriptorDacl
GetAclInformation
GetAce
FileEncryptionStatusA
AddAccessDeniedAce

user32

RegisterClassA
RegisterShellHookWindow
RegisterWindowMessageW
RemoveMenu
SetRect
SetSystemCursor
SetUserObjectSecurity
ShowWindow
TranslateMessage
UpdateWindow
PeekMessageA
GetKeyState
GetForegroundWindow
GetCaretPos
EnumPropsA
EmptyClipboard
DispatchMessageA
DialogBoxParamA
DefWindowProcA
CreateWindowExA
CharToOemA
CharLowerW
CharLowerBuffA
OpenClipboard
MsgWaitForMultipleObjects
GetTopWindow
MessageBoxW
BeginDeferWindowPos

kernel32

GetWindowsDirectoryA
GetVersionExA
GetTimeZoneInformation
GetTempPathW
GlobalAddAtomA
GetSystemDefaultLangID
GetStringTypeExA
GetPrivateProfileSectionW
GetModuleHandleA
GetFileAttributesExA
HeapAlloc
HeapCreate
MulDiv
OpenEventW
OpenJobObjectW
ReadFile
SetEnvironmentVariableA
SetFileTime
TlsGetValue
WaitForMultipleObjectsEx
lstrcmpA
GetBinaryTypeA
GetCommandLineA
GetConsoleAliasA
GetConsoleOutputCP
GetSystemInfo
GetCurrentProcessId
FormatMessageA
FlushConsoleInputBuffer
FindNextVolumeW
FindAtomW
FindAtomA
ExitProcess
EnumTimeFormatsA
DuplicateHandle
DeleteCriticalSection
CreateSemaphoreA
CloseHandle
BindIoCompletionCallback
Beep

shell32

SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteA

dinput

DirectInputCreateW

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcd116a47382448eae9f00d618a9513b

Headers

File Characteristics

Imports

ws2_32

winmm

ole32

version

advapi32

user32

kernel32

shell32

dinput

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB