004cdc6996225f244aef124edc72f90434a872b3d4fa56d5ebc2655473733aef[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

004cdc6996225f244aef124edc72f90434a872b3d4fa56d5ebc2655473733aef.exe
Size

100KB
MD5

a0fed8de59e6f6ce77da7788faef5489
SHA1

96ebbf821f37dc2dcebc177fc3a6c17b3171aab3
SHA256

004cdc6996225f244aef124edc72f90434a872b3d4fa56d5ebc2655473733aef
SHA512

e30357077ba4d61aadf9929c75f74d86898aa17564fd8f40c4f00db6103cd331c619352be4101edfbb89423d20e4f572104684637024303e914e943caee26f8b
SSDEEP

1536:SkZzt5HhE73kH54aUEvVqs/PKO97CDkDG2LyeUOKFCDRifOVDYEzJOlHLum6:DLphG5GaO97aMG2+eUO+7iDYEz4V6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
004cdc6996225f244aef124edc72f90434a872b3d4fa56d5ebc2655473733aef.exe

Files

004cdc6996225f244aef124edc72f90434a872b3d4fa56d5ebc2655473733aef.exe
.exe windows x86

f6e5d8f2cfa29eac9c49b4227f4961fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetConsoleCP
WideCharToMultiByte
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
Sleep
SizeofResource
FormatMessageW
GetTimeFormatW
MulDiv
LocalReAlloc
FileTimeToSystemTime
CreateFileW
lstrcatA
RaiseException
LCMapStringA
GetConsoleOutputCP
GetThreadLocale
GetProcAddress
VirtualAlloc
HeapSize
FindClose
LoadLibraryA
WriteConsoleA
CreateFileMappingW
LockResource
WaitForMultipleObjects
SetEnvironmentVariableA
GetOEMCP
GetModuleHandleA
IsDebuggerPresent
WriteProfileStringW
QueryPerformanceFrequency
GetUserDefaultUILanguage
CloseHandle
LocalFree
GetSystemTime
ResumeThread
lstrcpyW
lstrcpyA
GetCPInfo
GetStringTypeW
TlsSetValue
MultiByteToWideChar
GetLocaleInfoA
RtlUnwind
HeapAlloc
IsValidCodePage
GetACP
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetFileType
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
GetModuleHandleW
GetStartupInfoA
GetCommandLineA
UnmapViewOfFile
MapViewOfFile
GetStringTypeA
FindResourceA
HeapReAlloc
GetDateFormatW
GetComputerNameA
SetHandleCount
WriteFile
VirtualFree
SetEvent
WaitForSingleObject
GlobalLock
GlobalSize
SystemTimeToFileTime
LoadResource
SetUnhandledExceptionFilter
FreeLibrary
SetEndOfFile
lstrcpynA
LCMapStringW
VirtualQuery
ExitProcess

user32

HideCaret
IsIconic
PostMessageW
GetSystemMenu
GetMessageW
ScreenToClient
MsgWaitForMultipleObjects
IsZoomed
GetSubMenu
SetForegroundWindow
LoadStringA
GetParent
LoadIconA
GetClientRect
DrawTextExW
SetFocus
GetMenuCheckMarkDimensions
CharLowerW
wsprintfW
DrawFocusRect
ChildWindowFromPoint
RegisterClassExW
OffsetRect
GetKeyboardLayout
InvalidateRect
GetWindowLongW
SystemParametersInfoW
ReleaseDC
EnableMenuItem
GetDlgItem
SetWindowLongW
EndDialog
SetWindowsHookExA
SendDlgItemMessageW
GetCursorPos
ShowWindow
SetMenu
CreatePopupMenu
GetSysColorBrush
CreateDialogParamW
CreateWindowExW
DispatchMessageA
MessageBoxW
GetSystemMetrics
SetWindowTextA
GetDlgItemTextW
UpdateWindow
SetClipboardData
CallWindowProcA
DestroyMenu
FindWindowA
SetWindowTextW
WinHelpW
GetProcessDefaultLayout
GetDialogBaseUnits
DispatchMessageW
SetDlgItemInt

gdi32

SetBkColor
CreateBitmap
SelectObject
CreateCompatibleDC
GetObjectW
GetTextExtentPointA
GetObjectA
TextOutW
EnumFontsW

comdlg32

FindTextW
PrintDlgExW
PageSetupDlgW
GetSaveFileNameA

advapi32

RegSetValueExA
CreateServiceA
InitializeSecurityDescriptor
StartServiceA
OpenSCManagerA
ControlService
RegCloseKey
OpenServiceA

shell32

DragQueryFileW
Shell_NotifyIconA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6e5d8f2cfa29eac9c49b4227f4961fa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 5KB - Virtual size: 4KB