60cd37bef48227f709594aa10afd5a25959472f4c4833eda0b262aa47cf10db1

Sharing

Copy URL

Twitter E-mail

General

Target

60cd37bef48227f709594aa10afd5a25959472f4c4833eda0b262aa47cf10db1
Size

36KB
MD5

edcf1dd8aee5e14752664301ed6d1a64
SHA1

5575d04d3e67a51416ed88a6bab95e9b66be1be9
SHA256

60cd37bef48227f709594aa10afd5a25959472f4c4833eda0b262aa47cf10db1
SHA512

47c6c64084a3d849db70281b2b2175da9ca25d61b731a73293b69612963328f17fdac5427f3339c56bf2a71786bf3a98f21f94c9ef70f1d738d46971b3520728
SSDEEP

384:xJMb5UEbqV/L3RVJ+KcVFiMpXayxDWQ1xm2lgEZWi+11:xSDbqV/gKtMRayxD9DlXOH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60cd37bef48227f709594aa10afd5a25959472f4c4833eda0b262aa47cf10db1

Files

60cd37bef48227f709594aa10afd5a25959472f4c4833eda0b262aa47cf10db1
.exe windows x86

33b6cb489893a9a1f547de2e8eefc043

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord924
ord941
ord537
ord2915
ord860
ord540
ord939
ord3337
ord3811
ord1105
ord2764
ord858
ord535
ord2818
ord561
ord815
ord825
ord800
ord3790
ord4202

msvcrt

_strupr
_snprintf
__CxxFrameHandler
_except_handler3
exit
fclose
fopen
fprintf
atoi
__dllonexit
_onexit
_exit
_XcptFilter
_stricmp
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GetSystemWow64DirectoryA
GetPrivateProfileStringA
LocalAlloc
LocalFree
WinExec
CreateDirectoryA
SetFileAttributesA
GetFileAttributesA
DeleteFileA
OutputDebugStringA
CopyFileA
GetModuleHandleA
GetCurrentProcess
GetSystemDirectoryA
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
OpenProcess
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
CloseHandle
Process32Next
GetLastError

advapi32

OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
QueryServiceConfigA
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
StartServiceA
OpenSCManagerA
CreateProcessAsUserA
QueryServiceStatus
ControlService
CloseServiceHandle
OpenProcessToken
DuplicateTokenEx
SetTokenInformation

shell32

SHFileOperationA

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Xlen@std@@YAXXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z

shlwapi

PathFileExistsA

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33b6cb489893a9a1f547de2e8eefc043

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

advapi32

shell32

msvcp60

shlwapi

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1024B

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1024B