cc457bf2a6f3cde12f53894700becefeb9dc3b28dec3664b27b325058e99e883

Sharing

Copy URL Twitter E-mail

General

Target

cc457bf2a6f3cde12f53894700becefeb9dc3b28dec3664b27b325058e99e883
Size

15.9MB
MD5

90885e449283a8805b310324ea029db9
SHA1

f9da27a04c46aad7c6eb518ed47b7ff54d6bb5bb
SHA256

cc457bf2a6f3cde12f53894700becefeb9dc3b28dec3664b27b325058e99e883
SHA512

b49d654b81588279a76c17c6815ad2e87ad14c70d8ea7589115e52da65b862769441ea7cdc455f23f7f99128946c34665e690738877f72b7a5248bb61d705998
SSDEEP

393216:NCr6gklpQcC6ao3vUn57Mio34zdAj2djsiaIKm:NCWflecTao3sn5do34zbdj1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc457bf2a6f3cde12f53894700becefeb9dc3b28dec3664b27b325058e99e883

Files

cc457bf2a6f3cde12f53894700becefeb9dc3b28dec3664b27b325058e99e883
.dll windows x86

9fb7ed4ca1fb20369aca9d3061c62f89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA

user32

SetWindowPos

gdi32

SetWindowExtEx

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

inet_ntoa

comdlg32

GetSaveFileNameA

Exports

Exports

GenericLogImpl
ǿ��ɾ��ļ�

Sections

.text
Size: - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 4.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 464KB - Virtual size: 463KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp7
Size: 4KB - Virtual size: 96B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fb7ed4ca1fb20369aca9d3061c62f89

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 536KB

.rdata Size: - Virtual size: 3.5MB

.data Size: - Virtual size: 219KB

.rsrc Size: 24KB - Virtual size: 22KB

.svmp1 Size: - Virtual size: 4.0MB

.svmp2 Size: 6.8MB - Virtual size: 6.8MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 5.9MB - Virtual size: 5.9MB

.svmp5 Size: 16KB - Virtual size: 12KB

.svmp6 Size: 464KB - Virtual size: 463KB

.svmp7 Size: 4KB - Virtual size: 96B

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: - Virtual size: 536KB

.rdata
Size: - Virtual size: 3.5MB

.data
Size: - Virtual size: 219KB

.rsrc
Size: 24KB - Virtual size: 22KB

.svmp1
Size: - Virtual size: 4.0MB

.svmp2
Size: 6.8MB - Virtual size: 6.8MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 5.9MB - Virtual size: 5.9MB

.svmp5
Size: 16KB - Virtual size: 12KB

.svmp6
Size: 464KB - Virtual size: 463KB

.svmp7
Size: 4KB - Virtual size: 96B

.reloc
Size: 20KB - Virtual size: 17KB