ac35d426ae860de5c97306b176a3f88b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac35d426ae860de5c97306b176a3f88b
Size

96KB
MD5

ac35d426ae860de5c97306b176a3f88b
SHA1

ab37fa89e688e436f276f0317ccb17168f6299aa
SHA256

11fdb23ff273ee61744490be5b5932d8c52dd6e26ab5546295015a15ba8afd43
SHA512

6f78fa5b27cff5aa69f695caf7a5c1ff04c1febb7bd3ba5ec61b6801c3450f25d89ec091ab7fbe0b30225028c0fc0f2849ecc0faa1f20aa88fa288f08f31a401
SSDEEP

1536:ebBxmVOuzJ9+oHS9f3b0+q0TUfsZg8Oz+/0WVJOSpN0E4/E:ABxm3JUSE3bB31O6/tJPX0f/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac35d426ae860de5c97306b176a3f88b

Files

ac35d426ae860de5c97306b176a3f88b
.exe windows:4 windows x86 arch:x86

2011548502360da4010e68dee55c115f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
GetDlgItem
SendMessageA
RegisterHotKey
UpdateWindow
EndDialog
wsprintfA
GetDlgItemTextA
SendDlgItemMessageA
SetDlgItemTextA
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
RtlZeroMemory
lstrlenA
ReadProcessMemory
WriteProcessMemory
ResumeThread
Sleep
GetThreadContext
SuspendThread
lstrcatA
GlobalFree
CreateProcessA
SetThreadContext
VirtualAlloc
GetModuleHandleA
GetTickCount
ExitProcess
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
CloseHandle
WriteFile
FlushFileBuffers

comdlg32

GetOpenFileNameA

msvcrt

malloc
memset
memcpy
_putenv
time
free
sprintf
strchr

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 237B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE