cb425268bf3999c5b0629a10083af5998bb6145eef05dc40e82250e9d7f48701

Sharing

Copy URL Twitter E-mail

General

Target

cb425268bf3999c5b0629a10083af5998bb6145eef05dc40e82250e9d7f48701
Size

512KB
MD5

2c73d83d65cc88215612e6809fe3b805
SHA1

c85c8c051ed30644248b41413b72461dfe66bb8f
SHA256

cb425268bf3999c5b0629a10083af5998bb6145eef05dc40e82250e9d7f48701
SHA512

93ca7dba6a9550947ad320f32097f187ebe36828518c234321bf6f68b157512a20c6390490db0c0ce95e9ace4e8df6053c7a0c0abd2be3662b072a8980760934
SSDEEP

6144:wWMOaQynMVotkfXYjghBaC9+xplGHTJ5pS2we:wWMCynMmSfojABRgxpluTPpW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb425268bf3999c5b0629a10083af5998bb6145eef05dc40e82250e9d7f48701

Files

cb425268bf3999c5b0629a10083af5998bb6145eef05dc40e82250e9d7f48701
.exe windows:4 windows x86 arch:x86

98febf4addcc2119e18441382094c249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA

kernel32

FindResourceA
GetTempPathA
GetProcAddress
GetModuleHandleA
GetTickCount
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetFilePointer
FlushFileBuffers
SizeofResource
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
LoadResource
LockResource
FreeResource
DeleteFileA
SetEndOfFile
ReadFile
SetStdHandle
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetLastError
CloseHandle
WriteFile
UnhandledExceptionFilter

shell32

Shell_NotifyIconA

user32

GetDC
ReleaseDC
MessageBoxA
RegisterClassA
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
KillTimer
SetWindowPos
SystemParametersInfoA
ShowWindow
PostQuitMessage
GetWindowRect
GetSubMenu
GetCursorPos
BringWindowToTop
SetForegroundWindow
TrackPopupMenu
DestroyMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
SetTimer
PtInRect
SendMessageA
LoadMenuA

gdi32

CreateCompatibleDC
SelectObject
DeleteDC
CreateDIBSection
DeleteObject
GetObjectA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

98febf4addcc2119e18441382094c249

Headers

File Characteristics

Imports

winmm

kernel32

shell32

user32

gdi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 452KB - Virtual size: 452KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 452KB - Virtual size: 452KB