0cddcd8e54d3cbe58bea408390903c47

Sharing

Copy URL Twitter E-mail

General

Target

0cddcd8e54d3cbe58bea408390903c47
Size

359KB
MD5

0cddcd8e54d3cbe58bea408390903c47
SHA1

0c0cc591b256cc0916d9029ccc3cbaa7b652aa36
SHA256

cd005c2c1b7ca1f0af1526fa29526d66567e221d2751c4597befba526a387ba3
SHA512

200b31ab3eb5b719469cc568a1f470c5b3da29b9ce49ed39d68b956dd95fe739aedf8ac33a1f4071bdbb774809b7871e5ac3c0c4073021a6d5b15a72eb507a95
SSDEEP

6144:7rmDoYr3qoEmxshPXQLTkj9xuUtgJ7LHs8ukHCVkkv5KpHUCLHfHd24J2JJ2:/mHr6ohxshPXQLTkRxmm8aPv5OHLHf9U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cddcd8e54d3cbe58bea408390903c47

Files

0cddcd8e54d3cbe58bea408390903c47
.exe windows:4 windows x86 arch:x86

6516703de78c77fb5fc6e292eef2383b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
Sleep
HeapSize
WideCharToMultiByte
GetCurrentProcessId
GetEnvironmentStrings
GetShortPathNameA
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
FindFirstFileW
CreateFileMappingA
CompareStringA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
InterlockedIncrement
GetModuleHandleW
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
GetModuleHandleA
GetLocalTime
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
FormatMessageW
LocalFree
SetEvent
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemDefaultLCID
GetCommandLineW
GetUserDefaultLCID
HeapAlloc
SizeofResource
CreateProcessA
IsValidCodePage
UnmapViewOfFile
FindResourceW
VirtualAlloc
GetCurrentThreadId
GetOEMCP

user32

GetClientRect
PeekMessageA
IsWindow
SetWindowPos
PostQuitMessage
GetActiveWindow
MessageBoxA
GetSysColor
InvalidateRect
SendMessageA
CallWindowProcA
GetFocus
SetCursor
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
RegisterClassA
GetSubMenu
SetTimer
FillRect
SetFocus
DefWindowProcA
GetWindowRect
PostMessageA
CheckMenuItem
CreateWindowExA
MoveWindow
GetDlgItem

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey
RegDeleteValueA

msvcrt

_strcmpi
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6516703de78c77fb5fc6e292eef2383b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 331KB - Virtual size: 331KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 331KB - Virtual size: 331KB

.rsrc
Size: 3KB - Virtual size: 3KB