cf350acc460652c2afb07c6a82941d0ca9fe1f09e38f174a751973ce8308f0d4 (copy 1)

Sharing

Copy URL

Twitter E-mail

General

Target

cf350acc460652c2afb07c6a82941d0ca9fe1f09e38f174a751973ce8308f0d4 (copy 1)
Size

794KB
MD5

3f546454aec19b5ceca50431bf2f48fa
SHA1

31ca1dbdeb53348dbe6048e83546222ec12b6022
SHA256

cf350acc460652c2afb07c6a82941d0ca9fe1f09e38f174a751973ce8308f0d4
SHA512

4e2c5852cf0c7d6161ae06d0fcde41093e19d28b7c88bb41d2d3ba1f043ecb8de8bc0ea1e2ea5676c9c726758c2be7464bc9cb68624e7f5bcd74653ab7545f03
SSDEEP

12288:SnPq/W7id7BUlOtKfq35AFFumGoDzAqrhYRP8XAMk8rnPqfvb:Snie7i7UMI9vjgR8A0rnifvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf350acc460652c2afb07c6a82941d0ca9fe1f09e38f174a751973ce8308f0d4 (copy 1)

Files

cf350acc460652c2afb07c6a82941d0ca9fe1f09e38f174a751973ce8308f0d4 (copy 1)
.exe windows:4 windows x86

Password: infected

a1291a5d91e60fb83fda0c86214ecc97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dbghelp

ImageNtHeader

kernel32

LCMapStringA
SetStdHandle
WriteConsoleA
GetStringTypeA
QueryPerformanceCounter
GetStringTypeW
GetLocaleInfoA
CompareStringA
CompareStringW
SetEndOfFile
InitializeCriticalSectionAndSpinCount
Sleep
GetLastError
WriteFile
ReadFile
GetProcAddress
LoadLibraryA
GetUserDefaultLCID
CloseHandle
CreateFileA
CreateDirectoryA
GetLongPathNameW
ExitProcess
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
FindFirstFileW
GetShortPathNameA
GetModuleFileNameA
GetShortPathNameW
GetModuleFileNameW
GetWindowsDirectoryA
GetLongPathNameA
GetEnvironmentVariableA
GetTempPathA
GetWindowsDirectoryW
GetEnvironmentVariableW
GetTempPathW
GetTempFileNameA
GetFullPathNameW
GetFullPathNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetConsoleOutputCP
DuplicateHandle
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
SetEnvironmentVariableA
SearchPathA
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetProcessHeap
GetMailslotInfo
CreateThread
CreateMailslotA
GetOverlappedResult
CancelIo
CreateEventA
GetCommandLineW
CreateSemaphoreA
SizeofResource
LockResource
LoadResource
FindResourceA
GetTickCount
AllocConsole
GetModuleHandleA
CreateProcessW
SetCurrentDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
CreateDirectoryW
RemoveDirectoryW
HeapAlloc
HeapFree
WriteConsoleW
GetFileType
GetStdHandle
GetCommandLineA
GetStartupInfoA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
SetHandleCount
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LoadLibraryW
SetEnvironmentVariableW
GetTimeZoneInformation
GetFileAttributesW

Sections

.text
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/5
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/7
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/17
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

a1291a5d91e60fb83fda0c86214ecc97

Headers

File Characteristics

Imports

dbghelp

kernel32

Sections

.text Size: 340KB - Virtual size: 340KB

.data Size: 205KB - Virtual size: 204KB

.rdata Size: 138KB - Virtual size: 137KB

.bss Size: - Virtual size: 4KB

.pdata Size: 71KB - Virtual size: 71KB

.xdata Size: 4KB - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 44B

.rsrc Size: 12KB - Virtual size: 11KB

/5 Size: 4KB - Virtual size: 4KB

/7 Size: 4KB - Virtual size: 4KB

/17 Size: 4KB - Virtual size: 4KB

.text
Size: 340KB - Virtual size: 340KB

.data
Size: 205KB - Virtual size: 204KB

.rdata
Size: 138KB - Virtual size: 137KB

.bss
Size: - Virtual size: 4KB

.pdata
Size: 71KB - Virtual size: 71KB

.xdata
Size: 4KB - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 44B

.rsrc
Size: 12KB - Virtual size: 11KB

/5
Size: 4KB - Virtual size: 4KB

/7
Size: 4KB - Virtual size: 4KB

/17
Size: 4KB - Virtual size: 4KB