85cd9faac0846194c11a195c696b8276

Sharing

Copy URL Twitter E-mail

General

Target

85cd9faac0846194c11a195c696b8276
Size

2.0MB
MD5

85cd9faac0846194c11a195c696b8276
SHA1

c112cc87d53ed513c63e22f9c03121c94273199c
SHA256

cfe99dc04cad284fb38c00316429ddb0f20b5dca5e5e5ef6c3ab583b9e8bc87e
SHA512

2fa649642bb24f43c283400b722a40c9e2c2b08bbf33a79236100a7b1b9f5c8d864097c64c89cdb30991fb1ed02e2967feb2e5952d25bd978eacb9138bffc855
SSDEEP

49152:C3m8L+XfCHFrmFutPW9eJp6B7m9A9Fx9ny53V/MpMjWe:C28L4CHFrmFutPvpQ7EoFxyPWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85cd9faac0846194c11a195c696b8276

Files

85cd9faac0846194c11a195c696b8276
.exe windows:4 windows x86 arch:x86

350d0040c35918dd2247358b59955f33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleTitleA
GetCommState
SetSystemTime
FindNextChangeNotification
GetProcessHeap
GlobalDeleteAtom
PeekNamedPipe
GetStringTypeExW
GetTickCount
GlobalAddAtomA
TryEnterCriticalSection
FindFirstFileW
SwitchToFiber
GetOverlappedResult
GlobalAddAtomW
SetCurrentDirectoryA
SetEndOfFile
RemoveDirectoryW
GetHandleInformation
SetThreadLocale
CompareStringW
SetCommMask
GetDiskFreeSpaceW
EnumResourceLanguagesW
GetLogicalDriveStringsA
FileTimeToLocalFileTime
FindFirstFileExW
lstrcmpiW
ScrollConsoleScreenBufferA
GetCommandLineW
PurgeComm
GetPrivateProfileSectionW
SetCommTimeouts
ExitProcess
SetErrorMode
MoveFileExA
IsDBCSLeadByteEx
LocalReAlloc

advapi32

GetSecurityDescriptorDacl
GetCurrentHwProfileW
BuildTrusteeWithSidW
CloseServiceHandle
RegSetValueW
IsTextUnicode
CryptReleaseContext
AllocateAndInitializeSid
RegQueryValueExA
CryptImportKey
RegCreateKeyW
CryptGenRandom
AbortSystemShutdownW
SetServiceStatus
GetSidSubAuthorityCount
RegUnLoadKeyW

ole32

CoFreeAllLibraries
CoImpersonateClient
StgSetTimes
CoUninitialize

version

GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA

user32

GetClipCursor
SetKeyboardState
GetMenuItemID
CharUpperA
wsprintfW
SetSysColors
LoadImageW
IsRectEmpty
AppendMenuW
GetKeyboardLayoutNameW
IsCharUpperA
RegisterDeviceNotificationW
ValidateRect
GetKeyboardState
GetWindow
TabbedTextOutW
SetClipboardViewer

msvcrt

_wmakepath
_mbsdec
strstr
time
rename
_popen
puts
bsearch
iswdigit
wcstok
fwprintf
_mbctoupper
_putenv
iswctype
swprintf
ftell
_finite
_sleep
_wspawnvp

Sections

.text
Size: 5KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 18B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

350d0040c35918dd2247358b59955f33

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

version

user32

msvcrt

Sections

.text Size: 5KB - Virtual size: 221KB

.text Size: 512B - Virtual size: 18B

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 5KB - Virtual size: 221KB

.text
Size: 512B - Virtual size: 18B

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB