ccf6f2a214515d1e744c84fa1a24070d[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ccf6f2a214515d1e744c84fa1a24070d.exe
Size

164KB
MD5

ccf6f2a214515d1e744c84fa1a24070d
SHA1

0baa92fe526b6989c7a340a1b8f6e44d4a1b219b
SHA256

89f250599e09f8631040e73cd9ea5e515d87e3d1d989f484686893becec1a9bc
SHA512

629a1b2426e262bf933292a2ebf39cc3bcebc3e161b8e654b705fc62bccb517d13fff0d485f4f815a8d890ca4103821fbaa0b6b21d5c4ce3bb8c7658777431e0
SSDEEP

768:QCRBfFQAbxWdPy5tOMSbhJ7QthX5XoQ+kacE6CkQS8u46bvvHm1H2v07LOK++++w:/j7bxWc5PS7Q35YDkJE1kQS80lqIqu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccf6f2a214515d1e744c84fa1a24070d.exe

Files

ccf6f2a214515d1e744c84fa1a24070d.exe
.exe windows:6 windows x86

9653f924403b9c6353a5f0639537e507

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualProtect
VirtualAlloc
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetModuleHandleW
GetCurrentProcess
FreeLibrary
TerminateProcess

advapi32

CryptAcquireContextA
CryptDestroyKey
CryptEncrypt
CryptDecrypt
CryptReleaseContext
CryptImportKey

vcruntime140

memset
memcmp
_setjmp3
_except_handler4_common
memcpy

api-ms-win-crt-string-l1-1-0

strncmp
strlen
strcmp
strcat
strcpy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
puts
_set_fmode
__p__commode
fclose
fread
ftell
fseek
fopen
fwrite
fflush
fputc

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
realloc
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
exit
_initialize_narrow_environment
_exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_controlfp_s
terminate
_set_app_type
_get_initial_narrow_environment
_seh_filter_exe
_initterm
_configure_narrow_argv
_initterm_e

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9653f924403b9c6353a5f0639537e507

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 106KB - Virtual size: 106KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 32B

.reloc Size: 3KB - Virtual size: 3.0MB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 106KB - Virtual size: 106KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 32B

.reloc
Size: 3KB - Virtual size: 3.0MB