536235a689c5bcf95dcb2e76ad7b8e47

Sharing

Copy URL

Twitter E-mail

General

Target

536235a689c5bcf95dcb2e76ad7b8e47
Size

30KB
MD5

536235a689c5bcf95dcb2e76ad7b8e47
SHA1

0a94e556f146d09144a2c36f4f3631423e8b3ba9
SHA256

a1ca90ba4f979b7158b15955b3ac28bcc33d333b0781bf065636a17b45882b2f
SHA512

b71c42265d88863a6cce01139d8fe757e3c3f3d053f804052cd6865b7eb1160aa60c8a55833d4371e0c8439494983eaa1cad00c51f72a03ed691157e304c5348
SSDEEP

768:DIFmFmywGCamE0Eca/qhgtKrjCM/7wco0c:8F0dw2mE09aSyYrjjRr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
536235a689c5bcf95dcb2e76ad7b8e47

Files

536235a689c5bcf95dcb2e76ad7b8e47
.exe windows:4 windows x86 arch:x86

8ecaf7debd90f5cfcc7e4ed1b6680ec1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetStdHandle
GetACP
GetOEMCP
lstrcpynW
LCMapStringW
GetStartupInfoA
lstrcpyA
GetStringTypeW
lstrcpynA
SetFilePointer
lstrcatA
LCMapStringA
GetStringTypeA
GetCommandLineA
SetHandleCount
GetFileType
GetModuleFileNameA
WriteFile
TerminateProcess
CreateFileA
MultiByteToWideChar
GetCPInfo
GetVersion

comctl32

CreateStatusWindow
CreateMappedBitmap
CreateToolbarEx
ImageList_Destroy
ImageList_EndDrag
ImageList_GetIconSize
ImageList_LoadImageA
CreateUpDownControl
ImageList_DragEnter
InitCommonControls
ImageList_Add
CreateStatusWindowW
ImageList_Draw
DllGetVersion
ImageList_Copy
ImageList_LoadImageW
ImageList_AddIcon
DrawStatusTextW
DrawStatusText
ImageList_Create
CreateToolbar

gdi32

CreateCompatibleDC
GetBitmapBits
GetPixel
GetClipBox
CreateCompatibleBitmap
ExcludeClipRect
ExtTextOutA
CreatePenIndirect
GetCurrentPositionEx
CreateDIBSection
GetBrushOrgEx
CreateBrushIndirect
RestoreDC
DeleteDC
SetTextColor
CreateBitmap
CreateFontIndirectA
CreateSolidBrush
GetPixel
DeleteObject
CreateHalftonePalette
GetDCOrgEx

advapi32

RegCreateKeyExA
RegEnumKeyW
RegEnumValueW
RegCreateKeyW
RegOpenKeyA
RegEnumKeyExA
RegQueryValueW
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyW
RegOpenKeyW
RegDeleteValueW
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueA
RegCreateKeyExW
RegQueryValueA
RegEnumKeyA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyA
RegSetValueW
RegEnumKeyExW

user32

GetCursor
GetDC
GetFocus
EndDialog
DialogBoxParamA
CreateIcon
DrawTextA
DrawIconEx
CopyRect
LoadMenuA
IsWindow
CloseWindow
CopyIcon
GetWindowTextA
GetDlgItem
GetMenu
CopyImage
DrawTextW
InsertMenuA
LoadCursorA
DialogBoxParamW
GetWindowTextLengthA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ecaf7debd90f5cfcc7e4ed1b6680ec1

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

advapi32

user32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 22KB - Virtual size: 131KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 22KB - Virtual size: 131KB