PDB path: c:\build\clients2\sc\sda\Release\PGPsda.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 35799d3a7843f52f9b781e64a89663bbbafc868ca62ff2dca80ead764ea83e06.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 35799d3a7843f52f9b781e64a89663bbbafc868ca62ff2dca80ead764ea83e06.exe
  Resource: win10v2004-20240611-en
General
Target: 35799d3a7843f52f9b781e64a89663bbbafc868ca62ff2dca80ead764ea83e06
Size: 732KB
MD5: 4526f8112103fdb529344afd31e5bd02
SHA1: 2cd3698fcec6f638a42b89e47f6fbe3bc57d0e89
SHA256: 35799d3a7843f52f9b781e64a89663bbbafc868ca62ff2dca80ead764ea83e06
SHA512: be34152fc4bd1a3b623564a73796fa30d6a21e152aeae82930449df5cd49cd3a774a6889a24c9ed6716cebed3265be298233ffd66b3d31c62657af1b746bc1d9
SSDEEP: 12288:2X4Ylrk8b7Fx8b/R0JJZjqb1sn1nkRqj06XLcX8RD3wo3PqaYvMj:2X4or14bp0JJ21CpjJRDACzYC
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 35799d3a7843f52f9b781e64a89663bbbafc868ca62ff2dca80ead764ea83e06
Files
-
35799d3a7843f52f9b781e64a89663bbbafc868ca62ff2dca80ead764ea83e06.exe windows:4 windows x86 arch:x86
716d64333bc9ae44bf3e8026ee19ce11
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
ord17
kernel32
HeapSize
SetEndOfFile
GetSystemInfo
VirtualProtect
GetLocaleInfoA
CreateFileW
InitializeCriticalSection
VirtualQuery
InterlockedExchange
RtlUnwind
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
FlushFileBuffers
WriteFile
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
IsDBCSLeadByteEx
MulDiv
CreateFileA
DeleteFileA
GetFileAttributesA
CreateSemaphoreA
WaitForSingleObject
CloseHandle
CreateThread
lstrcpyA
ReleaseSemaphore
GetProcAddress
FreeLibrary
GetVersionExA
HeapDestroy
LeaveCriticalSection
lstrlenA
LoadLibraryA
GetModuleFileNameA
GetACP
ReadFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
ExitProcess
HeapFree
GetLastError
SetFilePointer
HeapAlloc
HeapReAlloc
CreateDirectoryW
CreateDirectoryA
DeleteFileW
RemoveDirectoryW
RemoveDirectoryA
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
EnterCriticalSection
user32
GetKeyState
RegisterClassA
LoadStringA
MessageBoxW
MessageBoxA
SetWindowPos
GetSystemMetrics
GetWindowRect
DefWindowProcA
UpdateWindow
ShowWindow
SetWindowLongW
GetFocus
GetClientRect
CallWindowProcW
SetCaretPos
DestroyCaret
CreateCaret
ShowCaret
GetWindow
FillRect
GetParent
KillTimer
IsDlgButtonChecked
CheckDlgButton
LoadIconA
SetFocus
CreateWindowExA
GetKeyboardLayout
DialogBoxParamA
EndDialog
IsWindowEnabled
SetForegroundWindow
SetTimer
GetDlgItem
MapWindowPoints
SetWindowTextA
SendDlgItemMessageA
ActivateKeyboardLayout
SendMessageA
GetDC
ReleaseDC
SetWindowLongA
SystemParametersInfoA
GetWindowTextA
GetWindowLongA
CallWindowProcA
IsWindowVisible
BeginPaint
DrawIcon
GetSysColor
EndPaint
InvalidateRect
gdi32
DeleteDC
GetTextMetricsA
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectA
GetDeviceCaps
GetTextExtentPoint32W
ExtTextOutW
BitBlt
SetBkMode
TextOutW
TranslateCharsetInfo
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectA
SelectObject
SetTextColor
SetBkColor
Rectangle
ExtTextOutA
comdlg32
GetSaveFileNameA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
Sections
.text  Size: 70KB - Virtual size: 70KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 22KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 8KB - Virtual size: 13KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 30KB - Virtual size: 30KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ