cbead103a6338f77383a58ff817a80049e38bd532008aae99e69829f107dacce

Sharing

Copy URL Twitter E-mail

General

Target

cbead103a6338f77383a58ff817a80049e38bd532008aae99e69829f107dacce
Size

308KB
MD5

1f7e5ce54babecb4435b6c2dac92c6db
SHA1

2c14793f726b26d5c699a368bcdee88063f7af88
SHA256

cbead103a6338f77383a58ff817a80049e38bd532008aae99e69829f107dacce
SHA512

5af40e2a835ff65dfc5c63367c9b0a7f571ba427f81c4afe1215de42ebc45ef6fc56b086bc0ebb1315a158e69179a63340c3cd08703e04cb70e50fbc35b13a4c
SSDEEP

6144:4F+EGSs9CcxyLZgTsv1RN/RYT6r3A7v6rEZdRvlcuwi:4Fnfs9HYZ0eRgmk7h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbead103a6338f77383a58ff817a80049e38bd532008aae99e69829f107dacce

Files

cbead103a6338f77383a58ff817a80049e38bd532008aae99e69829f107dacce
.exe windows x86

bf3f113c3a4f099274e81d3f014aa469

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
TerminateProcess
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapDestroy
HeapCreate
IsBadWritePtr
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
GetACP
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
ReadFile
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
WaitForSingleObject
GlobalAddAtomA
SetLastError
GlobalFree
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
CopyFileA
GetSystemDirectoryA
DeleteFileA
lstrcpyA
WriteFile
GetCurrentThread
GetCurrentProcess
ResumeThread
MoveFileExA
GetWindowsDirectoryA
lstrcatA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
CloseHandle
GetTempPathA
CreateDirectoryA
GetPrivateProfileStringA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
GetPrivateProfileIntA
WritePrivateProfileStringA
CreateMutexA
GetLastError
GetModuleFileNameA
VirtualFree

user32

PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
GetSysColorBrush
ReleaseCapture
LoadCursorA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDC
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
SetForegroundWindow
InflateRect
DrawIcon
AppendMenuA
GetSubMenu
LoadMenuA
SendMessageA
PostMessageA
GetSystemMenu
IsIconic
GetWindowRect
GetClientRect
GetParent
EnableWindow
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
CopyRect
PtInRect
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDlgItem
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
GetMenuState
GetMenuItemCount
PostQuitMessage
LoadIconA
GetWindowLongA
GetSystemMetrics
GetCursorPos
MessageBoxA
LoadBitmapA
MessageBoxExA
CharUpperA
SystemParametersInfoA
DestroyIcon
GetMenuItemID
SetTimer
KillTimer
SetActiveWindow
SetParent
IsWindow
LoadImageA
SetMenuDefaultItem
TrackPopupMenu
GetClassNameA
RegisterWindowMessageA
wsprintfA
ReleaseDC

gdi32

GetMapMode
GetRgnBox
DeleteDC
ExtSelectClipRgn
GetTextColor
GetBkColor
GetStockObject
GetObjectA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
ExtTextOutA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

Shell_NotifyIconA

comctl32

ord17
ImageList_Destroy
ImageList_LoadImageA

shlwapi

PathFindExtensionA
PathFileExistsA
PathAppendA
PathRemoveFileSpecA
PathStripPathA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathRenameExtensionA

oledlg

ord8

ole32

CLSIDFromProgID
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
OleLoadPicture
SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy

wininet

InternetOpenA
InternetConnectA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetFilePointer
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile

ttoolkit

UnCompressFile
ord12

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf3f113c3a4f099274e81d3f014aa469

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

ttoolkit

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 72KB - Virtual size: 72KB