3a35b64e37ef6b7ade448bc7099fd915

Sharing

Copy URL Twitter E-mail

General

Target

3a35b64e37ef6b7ade448bc7099fd915
Size

248KB
MD5

3a35b64e37ef6b7ade448bc7099fd915
SHA1

6f6444900727add657f9c5cc3a095f138863b8a2
SHA256

de99f1a4132c2f53871bc68b444ad005b7fa76942aba83b4b6116bd008f8dcc6
SHA512

5bdc2375ad355f8393c49ba478298b2b4af914db29d443cfcdb3aba4fe4bf75008d3cb5cdd013eab7eb5aa342c58e4da4b3b41786f85579c160f3c6a94469f90
SSDEEP

6144:rteYBaJyB95RshnFS+WMGp15Kenz9DrkFt6:rNaItRsRFoxp3nzJret6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a35b64e37ef6b7ade448bc7099fd915

Files

3a35b64e37ef6b7ade448bc7099fd915
.exe windows:4 windows x86 arch:x86

4f25e05c6a9c507309bff30e22c3260f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
lstrcpynA
FindResourceExA
GetTickCount
LocalReAlloc
OutputDebugStringA
ReadConsoleInputW
_hread
GetFullPathNameA
GetVersionExA
GetCommandLineA
lstrlenA
VirtualAlloc
GetProcessTimes

user32

SetUserObjectSecurity
TranslateMessage
GetSubMenu
IntersectRect
GetThreadDesktop
keybd_event
CharLowerA
UnregisterDeviceNotification
GetDlgItemTextW
DialogBoxIndirectParamA
LoadBitmapA
CreateAcceleratorTableA
mouse_event
GetWindowDC
LoadIconW

gdi32

SetAbortProc
CreateDIBPatternBrushPt
GetEnhMetaFileDescriptionA
SetWorldTransform
GetTextMetricsW
Chord
GetCharWidth32A
CreateRoundRectRgn
MaskBlt
SelectPalette
RectVisible
SaveDC

comdlg32

FindTextW

advapi32

RegQueryValueExW
MakeSelfRelativeSD
RegRestoreKeyA
CryptImportKey
RegSetValueExA
CreateServiceW
SetSecurityDescriptorOwner
GetNamedSecurityInfoA
CreateProcessAsUserA
EnumDependentServicesA
SetNamedSecurityInfoA
SetFileSecurityA
MakeAbsoluteSD
GetLengthSid
IsTextUnicode
ObjectCloseAuditAlarmW

shell32

ExtractIconExW
SHGetDesktopFolder
ExtractIconA

ole32

CreateOleAdviseHolder
CoFileTimeNow
CoRegisterClassObject
CoGetClassObject
StgSetTimes

oleaut32

SetErrorInfo
VariantCopy
SysStringLen
SafeArrayGetLBound
VariantChangeType
LoadTypeLibEx
SafeArrayRedim
QueryPathOfRegTypeLi
SafeArrayGetElement
SysFreeString

comctl32

ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_SetBkColor
ImageList_GetImageCount

shlwapi

PathCanonicalizeA
ChrCmpIW
StrCmpW
StrTrimA
PathRelativePathToA
SHRegSetUSValueW
PathGetDriveNumberW
StrRChrA
PathAppendA
StrDupW
SHDeleteValueW
PathStripToRootA
PathRemoveBlanksW
PathAppendW
PathFindExtensionW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f25e05c6a9c507309bff30e22c3260f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 232KB - Virtual size: 229KB