cupid71[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cupid71.exe
Size

292KB
MD5

9e260333db1d714def6a778fa397e8ea
SHA1

22bb4c1ae3b22ab790b7bb2eb768feff94e96dc4
SHA256

fae813ed6632483021835ec4f7fe73d5a23f8a44a089e3ea6a6231de5dd0256f
SHA512

b3eac98d24b371369d6951370435ac7eda90101ee71f9e8c9d72c5baa33a65bb886dff14f7143e55e294893122b8598cb87b183319083ba95adc0b32ab4cae0b
SSDEEP

6144:QQ0SXFL9ve6L4n/yxupSk8luoKrnOVl56iPp2HcFV:QDS1JWUEGlpKL4I8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cupid71.exe

Files

cupid71.exe
.exe windows:4 windows x86

e56169d8d46b34ef5130f6926a74c8de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
PostQuitMessage
GetWindow
GetWindowLongA
GetParent
FillRect
SetFocus
SendDlgItemMessageA
GetDlgItem
SetDlgItemTextA
GetDlgItemTextA
UnionRect
GetClassNameA
EqualRect
UpdateWindow
IsRectEmpty
GetUpdateRect
IsWindowVisible
EnumWindows
SetCursor
KillTimer
GetDesktopWindow
MessageBoxA
BeginPaint
SetClassWord
DefWindowProcA
EndDialog
GetClientRect
MoveWindow
DialogBoxParamA
LoadIconA
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
SetWindowPos
CreateWindowExA
SetRect
DestroyWindow
IsWindow
GetDC
ReleaseDC
CopyRect
SetRectEmpty
OffsetRect
PostMessageA
IntersectRect
SetWindowLongA
GetAsyncKeyState
DestroyCursor
GetCursorPos
EndPaint
LoadCursorA
InvalidateRect
PtInRect
SetTimer
GetWindowRect
FindWindowA

gdi32

BitBlt
CreateRectRgnIndirect
SetRectRgn
SelectClipRgn
CreateSolidBrush
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SelectPalette
GetObjectA
RealizePalette
SetMapMode
GetMapMode
SetBkColor
GetPixel
SetTextColor
CreateBitmap
TextOutA
GetTextExtentPoint32A
SetBkMode
GetStockObject
CreatePalette
CreateFontIndirectA
GetDeviceCaps
CreateDIBitmap
DeleteDC

winmm

mciSendCommandA

kernel32

VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
HeapCreate
WriteFile
GetLastError
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GlobalFree
GlobalUnlock
GlobalLock
MulDiv
GetProcAddress
LoadLibraryA
HeapDestroy
GetEnvironmentStringsW
FindResourceA
GetTickCount
GlobalAlloc
WinExec
LocalFree
LocalUnlock
LocalLock
LocalAlloc
_lclose
GlobalReAlloc
OpenFile
GetTempFileNameA
GetTempPathA
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
CloseHandle
UnmapViewOfFile
ReadFile
GetFileType
GetStdHandle
SetHandleCount
WideCharToMultiByte
GetEnvironmentStrings
SetFilePointer
FlushFileBuffers
GetModuleFileNameA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
TerminateProcess
UnhandledExceptionFilter
GetCurrentProcess
ExitProcess
HeapAlloc
HeapFree
GetStartupInfoA
GetVersion
GetCommandLineA
GetModuleHandleA
RtlUnwind
LoadResource
SizeofResource
FreeResource
LockResource
SetStdHandle
DeleteFileA
HeapSize
SetEndOfFile

comdlg32

GetSaveFileNameA

shell32

ShellExecuteA

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e56169d8d46b34ef5130f6926a74c8de

Headers

File Characteristics

Imports

user32

gdi32

winmm

kernel32

comdlg32

shell32

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 188KB - Virtual size: 184KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 188KB - Virtual size: 184KB