35b079d137aa5c8d7790963da52dff77e50e11e850906fef235dce25ca74b7b6[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

35b079d137aa5c8d7790963da52dff77e50e11e850906fef235dce25ca74b7b6.exe
Size

2.2MB
MD5

9c9b588830b7dc670cb8aa473a8142db
SHA1

e89a6d8d9fdc74ffc17898a6af46adc2a8d25ebe
SHA256

35b079d137aa5c8d7790963da52dff77e50e11e850906fef235dce25ca74b7b6
SHA512

949e0da2404d171375196d19e61eaf149ade57f6913df4fe66247ab68885674ab9884f98bf946e0012ec3c67833cbb6bec7a66ef53b3c2713ee1769bf491e04a
SSDEEP

6144:CiR/yog1x3gCU3gS90XvhkDUjTHRXYPLJBm6LrUnuKL0HptvSM7+fTCowfVKzF:CqjuU3yjjRXYPLPQLk7vY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35b079d137aa5c8d7790963da52dff77e50e11e850906fef235dce25ca74b7b6.exe

Files

35b079d137aa5c8d7790963da52dff77e50e11e850906fef235dce25ca74b7b6.exe
.exe windows:4 windows x86 arch:x86

360cd7e9890e0889387b6bd77d91c033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesA
GetFileTime
GetTickCount
RtlUnwind
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
GetCommandLineA
GetStartupInfoA
RaiseException
HeapSize
UnhandledExceptionFilter
WriteFile
IsDebuggerPresent
GetACP
GetStringTypeA
GetStringTypeW
GetStdHandle
VirtualFree
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
LCMapStringA
LCMapStringW
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
ReadFile
GlobalFlags
GetCurrentDirectoryA
WritePrivateProfileStringA
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalAddAtomA
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalDeleteAtom
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
SetLastError
FormatMessageA
LocalFree
MulDiv
CompareStringW
CompareStringA
GetVersion
InterlockedExchange
GetPrivateProfileIntA
GetPrivateProfileStringA
GlobalAlloc
GlobalLock
GetLastError
GlobalUnlock
GlobalFree
GetModuleHandleA
GetSystemInfo
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
Sleep
GetExitCodeProcess
WideCharToMultiByte
lstrlenA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
lstrcatA
GetComputerNameA
GetVersionExA
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
OpenProcess
CloseHandle
TerminateProcess
FreeLibrary
lstrcpyA
FindResourceA
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
SetUnhandledExceptionFilter

user32

RegisterClipboardFormatA
PostThreadMessageA
SetCapture
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetLastActivePopup
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyMenu
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
UnregisterClassA
GetClassInfoExA
ReleaseCapture
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PostMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharUpperA
LoadIconA
EnableWindow
GetDesktopWindow
InvalidateRect
UpdateWindow
IsWindow
MessageBoxA
WaitMessage
PeekMessageA
SendMessageA
SetWindowTextA
GetWindowPlacement

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
PtVisible
GetStockObject
SetWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
CreateBitmap
GetDeviceCaps
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
RectVisible

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
SHGetPathFromIDListA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
OleIsCurrentClipboard
CLSIDFromProgID
CoRegisterMessageFilter

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
OleCreateFontIndirect
SysAllocString

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

360cd7e9890e0889387b6bd77d91c033

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 12KB - Virtual size: 27KB

Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 12KB - Virtual size: 27KB