cbb0ebf5373c0abfcddd13a939afa00b[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cbb0ebf5373c0abfcddd13a939afa00b.exe
Size

269KB
MD5

cbb0ebf5373c0abfcddd13a939afa00b
SHA1

a6ecb88d60c1b54e39dfdf705e03538dc269fb9e
SHA256

9a4f15e818a1f559b2236fa7a024c99affaef36c60bdeea0da64ffd26040aada
SHA512

7f5537f78f8e260bd098e498365db750974a147a8a23d7d2fcd8f37931cdb0e8a8e125acdee1e035bf5e3430e4484d94129478f6796071f479ac1aaa284bea32
SSDEEP

6144:AJ3oS2G8MnHFaKrU3SZaHkTqITycShQHeQFQssNLgRwYE7z:Ae99EQK9Zek6QPsGC7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbb0ebf5373c0abfcddd13a939afa00b.exe

Files

cbb0ebf5373c0abfcddd13a939afa00b.exe
.exe windows:4 windows x86 arch:x86

73caba00f20b95e99e56c1e55b40f163

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
OpenSCManagerA
ControlService
RegCloseKey
RevertToSelf
RegEnumValueA
RegQueryInfoKeyA
DeleteService
RegEnumKeyExA
QueryServiceStatus
RegDeleteKeyA
RegFlushKey
OpenServiceA
RegOpenKeyExA
RegDeleteValueA
StartServiceA
CloseServiceHandle
RegSetValueExA
RegCreateKeyExA
ImpersonateSelf

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

kernel32

SetLastError
FormatMessageA
GetTimeZoneInformation
FindClose
lstrcmpiW
RemoveDirectoryA
TlsSetValue
FindResourceExA
WideCharToMultiByte
CompareStringW
DeleteFileA
VirtualProtect
TlsFree
SetStdHandle
LCMapStringA
GetStringTypeExA
GetACP
FindNextFileA
DeleteCriticalSection
HeapReAlloc
SetThreadPriority
GetModuleHandleA
GetStdHandle
GetSystemDirectoryA
OpenEventA
MoveFileExA
GetOEMCP
GetUserDefaultLCID
lstrcmpiA
WriteFile
IsValidLocale
TlsAlloc
SetEndOfFile
GetDateFormatA
SizeofResource
CreateProcessA
GetSystemInfo
ReleaseMutex
RtlUnwind
VirtualFree
HeapSize
VirtualQuery
LoadLibraryExW
LeaveCriticalSection
SetEnvironmentVariableA
ReadFile
FreeResource
OpenProcess
UnhandledExceptionFilter
IsBadCodePtr
SetHandleCount
GetCurrentDirectoryA
GetLocalTime
GetThreadLocale
LCMapStringW
GetTempPathA
HeapDestroy
lstrlenW
EnterCriticalSection
ResumeThread
LocalFree
TlsGetValue
GetWindowsDirectoryA
VirtualAlloc
GetTimeFormatA
CreateMutexA
FreeLibrary
CompareStringA
FreeEnvironmentStringsW
GetCurrentThreadId
CloseHandle
SetFilePointer
FlushFileBuffers
FatalAppExitA
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
LockResource
HeapAlloc
SetFileAttributesA
GetSystemTimeAsFileTime
lstrlenA
SetPriorityClass
GetProcessHeap
LoadLibraryExA
CreateFileA
RaiseException
EnumSystemLocalesA
GetPrivateProfileStringA
IsValidCodePage
GetCommandLineA
FindFirstFileA
LoadResource
GetStringTypeExW
WaitForSingleObject
GetFileType
HeapFree
SetConsoleCtrlHandler
VirtualAllocEx

shell32

SHGetMalloc
SHGetFolderPathA
SHGetSpecialFolderLocation
SHGetDesktopFolder

user32

UnregisterClassA
MessageBoxA
CharToOemA
wsprintfA
RegisterWindowMessageA
FindWindowA
CharUpperW
GetSystemMetrics
FindWindowExA
LoadStringA
CharUpperA
CharLowerW
PostMessageA
CharLowerA

setupapi

SetupInstallServicesFromInfSectionA
SetupOpenInfFileA
SetupInstallFromInfSectionA

rtm

RtmCloseEnumerationHandle
RtmDeleteRouteList
RtmMarkDestForChangeNotification
RtmGetMostSpecificDestination
CheckTable
RtmAddRoute
RtmCreateDestEnum
RtmLookupIPDestination

asycfilt

DllCanUnloadNow

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73caba00f20b95e99e56c1e55b40f163

Headers

File Characteristics

Imports

advapi32

psapi

ole32

kernel32

shell32

user32

setupapi

rtm

asycfilt

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 807KB

.rsrc Size: 8KB - Virtual size: 31KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 807KB

.rsrc
Size: 8KB - Virtual size: 31KB