c0015ecbbd68158cdf42a14bba25753a

Sharing

Copy URL Twitter E-mail

General

Target

c0015ecbbd68158cdf42a14bba25753a
Size

124KB
MD5

c0015ecbbd68158cdf42a14bba25753a
SHA1

6b80295ee028b5760b549c646135f6c0418a38f1
SHA256

2d7c17a5c55ff877c70aef85df34f7fbc01a7ce982e8ac64fffb301374f97472
SHA512

5a0adb9a471fada1599b1d9b21bdd09cde29427a9739f6e0d53ff1fd057ba54623cc58f8c1b2f3c0c50d22616d86c89e5d13c5d92ec30441d1ce2d172ab746d1
SSDEEP

3072:8caxbI1B/B/bKbXWnXXNIbHwCT5KT8VgVG5Tc0MTX:8cHsfHjKAV8G5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0015ecbbd68158cdf42a14bba25753a

Files

c0015ecbbd68158cdf42a14bba25753a
.exe windows:4 windows x86 arch:x86

4272981cd7cf28c7ea00414586fbfa95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetComputerNameA
LoadLibraryA
FreeLibrary
SetPriorityClass
RemoveDirectoryA
GetFullPathNameA
CreateDirectoryA
CopyFileA
GlobalFree
GlobalAlloc
GetCurrentThreadId
GetStartupInfoA
CreateFileMappingA
GetDiskFreeSpaceA
GlobalMemoryStatus
GetSystemInfo
GetTickCount
GetSystemDirectoryA
SetFileTime
CreateFileA
GetCurrentProcessId
GetStdHandle
MapViewOfFile
DeleteFileA
FreeResource
SizeofResource
LoadResource
FindResourceA
GetCommandLineA
SetErrorMode
GetModuleFileNameA
WriteFile
OpenProcess
TerminateProcess
GetExitCodeProcess
TerminateThread
ReadFile
Sleep
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
FindClose
GetLastError
FormatMessageA
GetModuleHandleA
UnmapViewOfFile
CreatePipe
GetCurrentProcess
DuplicateHandle
CloseHandle
CreateProcessA
GetWindowsDirectoryA
CreateSemaphoreA
GetVersionExA
HeapReAlloc
TlsSetValue
GetEnvironmentStrings
CompareStringW
CompareStringA
GetLocaleInfoW
GetLocaleInfoA
SetEndOfFile
SetEnvironmentVariableA
GetProcAddress
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
CreateThread
FreeEnvironmentStringsW
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetLastError
TlsAlloc
GetCPInfo
GetEnvironmentStringsW
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
GetFileType
SetHandleCount
SetFilePointer
GetCurrentDirectoryA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapCreate
ExitProcess
RtlUnwind
TlsGetValue
HeapFree
HeapAlloc
ResumeThread
GetSystemTime
ExitThread
GetTimeZoneInformation
MoveFileA
GetLocalTime
GetFileAttributesA
GetVersion

user32

IsWindow
MessageBoxA
SendMessageA
DefWindowProcA
PeekMessageA
UnhookWindowsHookEx
DestroyWindow
CallNextHookEx
PostThreadMessageA
CreateWindowExA
ExitWindowsEx
DispatchMessageA
GetMessageA
RegisterClassA
SetWindowsHookExA

gdi32

CreateDCA
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
DeleteDC
GetDeviceCaps

wsock32

listen
WSAStartup
gethostbyname
htons
bind
sendto
recvfrom
connect
inet_ntoa
setsockopt
recv
send
WSAGetLastError
closesocket
socket
accept

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumCachedPasswords
WNetAddConnectionA
WNetCancelConnectionA
WNetEnumResourceA

winmm

PlaySoundA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

svrapi

NetSessionEnum
NetShareEnum
NetShareDel
NetShareAdd

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
GetUserNameA

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4272981cd7cf28c7ea00414586fbfa95

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wsock32

mpr

winmm

avicap32

svrapi

advapi32

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 14KB - Virtual size: 42KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 9KB - Virtual size: 10KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 42KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 9KB - Virtual size: 10KB