c00d3cec4b1113ff4bbaa47dc40c574a

Sharing

Copy URL Twitter E-mail

General

Target

c00d3cec4b1113ff4bbaa47dc40c574a
Size

552KB
MD5

c00d3cec4b1113ff4bbaa47dc40c574a
SHA1

e625ef0b34b8bf2c960034f6d5a4ea59e51b00c9
SHA256

9f8e564d9238151c9cc2d180fc54fa992cf5fbaf6adcacd2bf1d95ecef586b66
SHA512

1e229649f3907f0b912e4408fd10138e7d9ec5c1a060b6aaeb431e52c636080e55a8283ff5f523efdd3283c29243dcc805462eecb25b3ddfa7d00363228d4e96
SSDEEP

12288:XUDFHaiYe1HMZGM3jWyNxf7WP+fhs+yz+7uV/Dsgm3yAVHw8WylRlx0:kDFHBjMZGgjWyNxf7WPF+yz+7uV/Ajyh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c00d3cec4b1113ff4bbaa47dc40c574a

Files

c00d3cec4b1113ff4bbaa47dc40c574a
.dll windows:4 windows x86 arch:x86

aac9970e8f60883aafc9bc6c7c6115e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsGetValue
GetModuleHandleA
HeapSize
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
LeaveCriticalSection
TlsAlloc
TlsFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
ReadFile
TlsSetValue
CloseHandle
GetTickCount
GetCurrentThreadId
RaiseException
GetCurrentProcess
TerminateProcess
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetVersion
GetCommandLineA
RtlUnwind
GetModuleFileNameA
lstrcpyA
MultiByteToWideChar
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
FreeLibrary
LoadLibraryA
GetProcAddress
GetLastError
Sleep
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
FlushFileBuffers

user32

LoadCursorA
GetSysColorBrush
UnregisterClassA
DefWindowProcA
EndPaint
BeginPaint
GetUpdateRect
SetFocus
wsprintfA
CallWindowProcA
SendMessageA
LoadBitmapA
GetCursor
RegisterClassA
GetWindowTextA
GetWindowLongA
CreateWindowExA
SetWindowLongA
DestroyWindow
GetDC
ReleaseDC
GetDoubleClickTime
GetCursorPos
GetAsyncKeyState
DrawTextA
FillRect
GetWindowRect
PeekMessageA
SetCursor
GetSystemMetrics
MessageBoxA
DispatchMessageA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

gdi32

SetBkMode
GetCurrentObject
CreateBitmap
CreateSolidBrush
DPtoLP
GetObjectA
GetMapMode
DeleteObject
SelectObject
MoveToEx
LineTo
CreatePenIndirect
GetStockObject
SetTextColor
CreateBrushIndirect
SetBkColor
CreateFontIndirectA
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
BitBlt
SetMapMode

shell32

DragQueryFileA

ole32

OleInitialize
OleUninitialize
RevokeDragDrop
RegisterDragDrop
CoCreateInstance

Exports

Exports

main

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aac9970e8f60883aafc9bc6c7c6115e1

Headers

File Characteristics

Imports

kernel32

user32

version

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.text1 Size: 4KB - Virtual size: 112B

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 24KB - Virtual size: 30KB

.data1 Size: 12KB - Virtual size: 10KB

.rsrc Size: 288KB - Virtual size: 286KB

.reloc Size: 24KB - Virtual size: 21KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 117KB

.text1
Size: 4KB - Virtual size: 112B

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 24KB - Virtual size: 30KB

.data1
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 288KB - Virtual size: 286KB

.reloc
Size: 24KB - Virtual size: 21KB

.rmnet
Size: 60KB - Virtual size: 60KB