cc855f108f0c27e1ced93a63a03a76c881bb5647c831641e52310c6fc3714d47

Sharing

Copy URL Twitter E-mail

General

Target

cc855f108f0c27e1ced93a63a03a76c881bb5647c831641e52310c6fc3714d47
Size

128KB
MD5

265601ff020c95f3911170ae1cf4e448
SHA1

fb8d9fa7097b18b93fee78c3804c09aa48b8803c
SHA256

cc855f108f0c27e1ced93a63a03a76c881bb5647c831641e52310c6fc3714d47
SHA512

b810bc808bf4f250ae0cb75c55ebc8bc309f51b25e555b29f32c7bbe56d4247f2004eb2ae8738feeed115f059bb6b38ebe4831f2271f653e9f26ea6f42e47ead
SSDEEP

1536:pTxsgISUCBTt+hcuE9curZHidSagm4o4MvPMp1mCuY8I+kV:pTiSUOp+hLYbrZHiXbcmCuo+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc855f108f0c27e1ced93a63a03a76c881bb5647c831641e52310c6fc3714d47

Files

cc855f108f0c27e1ced93a63a03a76c881bb5647c831641e52310c6fc3714d47
.exe windows:5 windows x64

8131bc530ee6ef4e6c203129c60da038

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

LoadStringW
CharUpperBuffW

msvcrt

__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
sprintf
bsearch
strcspn
strchr
memmove
strlen
strcmp
strcpy
memcpy
memcmp
wcsstr
wcsrchr
wcscpy
wcschr
_wcsdup
memset
toupper
_wsplitpath
_wtol
free
_wfopen
fgetws
feof
fclose

kernel32

FindClose
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetProcAddress
LocalReAlloc
LocalAlloc
GetEnvironmentVariableA
WideCharToMultiByte
GetTimeFormatW
GetDateFormatW
CompareStringW
WriteConsoleW
GetConsoleOutputCP
WriteFile
SystemTimeToFileTime
SetLastError
SetFileAttributesW
ReadFile
lstrlenW
lstrcpyW
lstrcmpW
lstrcatW
LocalFree
HeapFree
HeapAlloc
GetStdHandle
GetProcessHeap
GetModuleHandleW
GetLastError
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetEnvironmentVariableW
GetCurrentDirectoryW
GetCommandLineW
FormatMessageW
CloseHandle
CompareFileTime
CopyFileW
CreateDirectoryW
CreateFileW
FileTimeToSystemTime
FindNextFileW
FindFirstFileW
TlsGetValue

ntdll

vDbgPrintExWithPrefix

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8131bc530ee6ef4e6c203129c60da038

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

kernel32

ntdll

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 21KB

.pdata Size: 1024B - Virtual size: 684B

.rsrc Size: 91KB - Virtual size: 90KB

.reloc Size: 512B - Virtual size: 248B

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 21KB

.pdata
Size: 1024B - Virtual size: 684B

.rsrc
Size: 91KB - Virtual size: 90KB

.reloc
Size: 512B - Virtual size: 248B