35067212c4c4dd45b0ce318210ea710ae0840f654762daebe6d36b6ee0e02841

Sharing

Copy URL Twitter E-mail

General

Target

35067212c4c4dd45b0ce318210ea710ae0840f654762daebe6d36b6ee0e02841
Size

42KB
MD5

0939f487ff86e1fb2c5f8be0105c3e14
SHA1

ed231119c664d54a2beb4be116fedf9357d7e9f4
SHA256

35067212c4c4dd45b0ce318210ea710ae0840f654762daebe6d36b6ee0e02841
SHA512

fb990b6db084519e6670462c626610c751d2ef464b7a22a2e6599f981ca683e8ff3a42e066c8a6d70228dc045894d8c915865c46fc293feb16d1c3ca2b7948ca
SSDEEP

96:s7sxW30T8pf1Hmxd/65HPPEmxAqF3yXJ9B:KJfFu/61EJqZ0J9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35067212c4c4dd45b0ce318210ea710ae0840f654762daebe6d36b6ee0e02841

Files

35067212c4c4dd45b0ce318210ea710ae0840f654762daebe6d36b6ee0e02841
.exe windows:5 windows x86 arch:x86

31ddbe28f0eb205fd057ffba459f11e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetVersionExW
GetFileAttributesA
CreateProcessA
GetBinaryTypeA
MultiByteToWideChar
GetLargestConsoleWindowSize
GetCurrencyFormatW
GetTempFileNameA
AddAtomW
ConvertDefaultLocale
GetModuleFileNameA
CloseHandle
GetTempPathA
GetTickCount
WaitForSingleObject
_lwrite
MapViewOfFileEx
GetDefaultCommConfigW
OpenFile
SetStdHandle
FindResourceA

gdi32

GetObjectType
SetWindowExtEx
EnumObjects
SetBitmapBits
SetRectRgn
CreatePatternBrush
MaskBlt

msvcrt

memset
memcpy

shlwapi

StrStrIA

user32

GetMenuDefaultItem
UnloadKeyboardLayout
WindowFromDC
MessageBoxExW
FindWindowExW
GetDlgItem
ShowWindowAsync
wsprintfA

ws2_32

htons
WSAStartup
connect
socket
closesocket
gethostbyname
send
recv

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

gu_idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

31ddbe28f0eb205fd057ffba459f11e2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

msvcrt

shlwapi

user32

ws2_32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 8KB

gu_idata Size: 1KB - Virtual size: 4KB

.htext Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 8KB

gu_idata
Size: 1KB - Virtual size: 4KB

.htext
Size: 4KB - Virtual size: 4KB