ccd50118765ecac657e97bfe5d8f47ab57a46a01cbff20666c2403b90415e920

Sharing

Copy URL

Twitter E-mail

General

Target

ccd50118765ecac657e97bfe5d8f47ab57a46a01cbff20666c2403b90415e920
Size

1.8MB
MD5

86e21578491d7037e25aa2707351931e
SHA1

9702a17baac850265e030301262b75d618f4c705
SHA256

ccd50118765ecac657e97bfe5d8f47ab57a46a01cbff20666c2403b90415e920
SHA512

db6d6cb64469b74d02d1031c7128d8b102d592dfd7549b42133c9a152c1f90635a12760e676511b1c4d2045633efef20359401de26823e46d577b83aeecdbb1b
SSDEEP

49152:GafNIe+VFRqbEU0R/bbZzQh16E+9E9fxf3jQQL6C:3We+VOUbVQh163ifx07

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccd50118765ecac657e97bfe5d8f47ab57a46a01cbff20666c2403b90415e920

Files

ccd50118765ecac657e97bfe5d8f47ab57a46a01cbff20666c2403b90415e920
.dll windows:5 windows x86

304d1ca6a2013f70d12424ec474b8729

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiDestroyDeviceInfoList

advapi32

LogonUserExW
AllocateAndInitializeSid
EncryptFileW
CreatePrivateObjectSecurity

gdi32

PatBlt
SetBkMode
SetDIBitsToDevice

oleaut32

LoadTypeLibEx
SystemTimeToVariantTime
VarBstrFromBool

ole32

STGMEDIUM_UserSize

msvcrt

feof
strspn

lz32

LZRead
LZClose
LZCopy

version

GetFileVersionInfoSizeA

kernel32

SetEvent
DeleteCriticalSection
InterlockedPushEntrySList
GetExitCodeProcess
DeleteTimerQueueTimer
GetBinaryTypeA
GetModuleFileNameA
LoadLibraryA
LoadLibraryExA
GetUserDefaultLCID
GetCommProperties
GetSystemTimeAsFileTime
VirtualAlloc
GetProcessHeap
GetModuleHandleA
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection

user32

GetCaretPos
GetMessageA
GetUpdateRgn
PostQuitMessage
GetMenuItemCount
GetLastActivePopup
ShowWindow
DrawStateW
GetMenuItemInfoA
SystemParametersInfoW
RegisterShellHookWindow
UpdateWindow
TranslateAcceleratorW

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PACK
Size: 820KB - Virtual size: 818KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

304d1ca6a2013f70d12424ec474b8729

Headers

File Characteristics

Imports

setupapi

advapi32

gdi32

oleaut32

ole32

msvcrt

lz32

version

kernel32

user32

Sections

.text Size: 748KB - Virtual size: 747KB

.rdata Size: 188KB - Virtual size: 184KB

.data Size: 80KB - Virtual size: 83KB

PACK Size: 820KB - Virtual size: 818KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 40KB - Virtual size: 37KB

.text
Size: 748KB - Virtual size: 747KB

.rdata
Size: 188KB - Virtual size: 184KB

.data
Size: 80KB - Virtual size: 83KB

PACK
Size: 820KB - Virtual size: 818KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 37KB