5635f0df49f6905e07341badbf738c29

Sharing

Copy URL Twitter E-mail

General

Target

5635f0df49f6905e07341badbf738c29
Size

462KB
MD5

5635f0df49f6905e07341badbf738c29
SHA1

7d8007dab36c51d1894b99b17d1788e6cc8a655d
SHA256

b54d9c30e200684f23af1b3b7e625f462eab31819a7965fddf5e510af26968ef
SHA512

307ddfc264a088a05cac9c48a8f50fd2d6e8e8772eb81403e2f292ef3b83430b358c19a8e6b41fceaaaf291ac8cb32ee8b7f9ea72e3de14544d35e1d4c350ce8
SSDEEP

12288:VyB1kttEH++Xysl9Bkhy3SvkxwihqmVqX:VyBuR+ikL6ihqei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5635f0df49f6905e07341badbf738c29

Files

5635f0df49f6905e07341badbf738c29
.exe windows:4 windows x86 arch:x86

7249a053fceeb08fee0428b1eae2b49a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RemoveMenu
KillTimer
DdeDisconnectList
ExcludeUpdateRgn
SetWindowPlacement
PostQuitMessage
EditWndProc
CheckRadioButton
ChangeDisplaySettingsExW
MsgWaitForMultipleObjectsEx
RegisterClassA
LoadStringW
CharUpperA
SetMenuItemInfoW
InvalidateRect
IsDialogMessageA
EqualRect
EnumDesktopWindows
VkKeyScanW
GetScrollRange
RegisterClassExA

comdlg32

ChooseColorW
LoadAlterBitmap
PrintDlgA
GetSaveFileNameA

advapi32

CryptGetHashParam
CryptDuplicateHash
LogonUserW
CryptVerifySignatureW
CryptGetKeyParam
RegSetValueExA
RegQueryValueExA
RegCreateKeyExW
CryptSetProviderA
RegOpenKeyExW
RegSaveKeyW
CryptContextAddRef
LookupSecurityDescriptorPartsW
RegRestoreKeyW
RegOpenKeyExA

kernel32

TlsAlloc
InitializeCriticalSection
SetLastError
GetCurrencyFormatA
FlushFileBuffers
GetCurrentThread
InterlockedExchange
FreeLibraryAndExitThread
InterlockedIncrement
GetStringTypeA
TlsFree
TerminateProcess
LoadLibraryA
WriteFile
VirtualFree
InterlockedDecrement
MultiByteToWideChar
GetTickCount
TlsGetValue
OpenMutexA
HeapDestroy
GetCommandLineA
GetLastError
FindResourceExA
GetTimeZoneInformation
GetModuleHandleW
VirtualAlloc
LCMapStringW
GetEnvironmentStringsW
SetHandleCount
CompareStringA
FreeEnvironmentStringsW
QueryPerformanceCounter
GetProfileStringA
GetStdHandle
DeleteCriticalSection
GetSystemTime
SetThreadContext
EnterCriticalSection
GetFullPathNameA
ReadFile
GetCurrentProcess
GetOEMCP
VirtualProtect
SetCriticalSectionSpinCount
TlsSetValue
LeaveCriticalSection
CreateEventA
LoadModule
HeapReAlloc
GetPrivateProfileIntA
GetStartupInfoA
CloseHandle
CreateMutexA
FreeEnvironmentStringsA
GetCPInfo
WideCharToMultiByte
HeapFree
GetProcessAffinityMask
LCMapStringA
SetFilePointer
GlobalUnfix
lstrcmpA
WaitForSingleObjectEx
GetFileAttributesExW
ExitProcess
GetACP
RtlUnwind
GetThreadTimes
GetStringTypeW
GetProcAddress
GetCurrentThreadId
GetLocalTime
lstrcpyW
IsBadWritePtr
GetFileType
GetSystemTimeAsFileTime
SetStdHandle
HeapCreate
GetModuleFileNameA
GetEnvironmentStrings
GlobalCompact
GetUserDefaultLangID
HeapAlloc
SetEnvironmentVariableA
GetVersion
CompareStringW
UnhandledExceptionFilter
WritePrivateProfileStructW
GetCurrentProcessId
VirtualQuery
GetModuleHandleA
CreateMailslotW

wininet

ShowClientAuthCerts
GetUrlCacheEntryInfoExW
DeleteUrlCacheEntryW
FtpPutFileEx
InternetSetCookieA
InternetGetCookieA
FtpSetCurrentDirectoryA
InternetAutodialHangup

comctl32

InitCommonControlsEx

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7249a053fceeb08fee0428b1eae2b49a

Headers

File Characteristics

Imports

user32

comdlg32

advapi32

kernel32

wininet

comctl32

Sections

.text Size: 309KB - Virtual size: 309KB

.rdata Size: 37KB - Virtual size: 68KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 309KB - Virtual size: 309KB

.rdata
Size: 37KB - Virtual size: 68KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 12KB - Virtual size: 11KB