Static task: static1
Behavioral task: behavioral1
Sample: 635b17598d5d1be1adadfea4ee323dec.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 635b17598d5d1be1adadfea4ee323dec.exe
Resource: win10v2004-20231215-en
General
Target: 635b17598d5d1be1adadfea4ee323dec
Size: 114KB
MD5: 635b17598d5d1be1adadfea4ee323dec
SHA1: 0df8f3d6bbb4518212c747f0582449aae73f71eb
SHA256: e086ac85fb3aa349b648a50b242579dd4ea0682060db03c1d91068e2d814fa28
SHA512: 469ffbab98f5dfa86db2d98f62aed69ad9fb9af863e1877f467b21b123d1b4f672f0f86fcee0f0b80ec3a8544c783a819d9dfa7693218e7d389c3812a6965260
SSDEEP: 1536:0o2ILxTWxRz88rxaplYRhRRMC5M3zdP7++DZzBZWxF58dy3i6xwQJqScEXX7Oy:V2CTZ8dacRhnbyz9jzBZrScEXrO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 635b17598d5d1be1adadfea4ee323dec
Files
635b17598d5d1be1adadfea4ee323dec.exe windows:5 windows x86 arch:x86
86f99dbdec13cab2f3988c9b9515c238
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpiA
GetWindowsDirectoryA
lstrcmpiW
RemoveDirectoryA
CopyFileA
GetCommandLineA
lstrcmpA
lstrlenA
GetSystemTime
lstrlenW
VirtualAlloc
VirtualFree
DeleteFileA
QueryPerformanceCounter
GlobalFindAtomA
RemoveDirectoryW
GetModuleHandleA
FindClose
user32
GetSystemMetrics
GetParent
GetDesktopWindow
CharNextA
GetDC
TranslateMessage
gdi32
SetStretchBltMode
LineTo
GetPixel
RestoreDC
GetStockObject
DeleteDC
SetTextColor
SelectObject
SaveDC
SetTextAlign
DeleteObject
RectVisible
CreatePalette
CreateSolidBrush
SelectPalette
CreateFontIndirectA
GetClipBox
SetMapMode
CreateCompatibleDC
GetTextMetricsA
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ