c14c0f2d0ed4fc6ed8669594526d58d9

Sharing

Copy URL Twitter E-mail

General

Target

c14c0f2d0ed4fc6ed8669594526d58d9
Size

232KB
MD5

c14c0f2d0ed4fc6ed8669594526d58d9
SHA1

c9ebe568b30758ae7d0f3c9e2ae66464fde8f5c8
SHA256

7b9ae8d203744c13bedfaffb2d54c26bd259e4b6474f88dc46af6b77bb1dfc17
SHA512

18d34f90757be31fa164f43b6349e0df95026a3846bd473e4c4a6ab33f44d0a3730673b1379bb50143f3419b204c686f8119f994d99d5c17f13b9763e39ea182
SSDEEP

6144:uWL8Ik5AhBALPm2r68O4XL/mbOXID7mVb+y9Soc5NihtZukLAAj/PCk:uak5A8zrLO4XAO4mVb+V55CtZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c14c0f2d0ed4fc6ed8669594526d58d9

Files

c14c0f2d0ed4fc6ed8669594526d58d9
.exe windows:4 windows x86 arch:x86

b7c78dea366a9f8c472f158e0d3de9fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA

user32

DispatchMessageA
PostMessageA
GetDC
UnregisterClassA
SendMessageA
GetClientRect
DestroyWindow
GetParent
UpdateWindow
FillRect
ShowWindow
EnableWindow
TranslateMessage
IsWindowEnabled
IsWindow
EnableMenuItem
RegisterClassA
GetWindowLongA
SetTimer
EndPaint
SetFocus
PeekMessageA
BeginPaint
KillTimer
DefWindowProcA
MapWindowPoints
GetSystemMetrics
GetWindowRect
IsIconic
SetWindowPos
PostQuitMessage
DestroyMenu
GetWindow
SetCapture
ReleaseCapture
SetWindowLongA
EndDialog
SetWindowTextA
CheckMenuItem
GetSubMenu
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
SetForegroundWindow
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
GetFocus
InvalidateRect
CallWindowProcA
ReleaseDC
SetCursor

kernel32

GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
lstrlenW
InitializeCriticalSection
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
FormatMessageW
LocalFree
GetProcessHeap
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindFirstFileW
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
ExpandEnvironmentStringsA
SetErrorMode
SetStdHandle
GetCPInfo
lstrcmpiA
GetStringTypeA
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
VirtualAlloc
lstrlenA
GetCommandLineA
GetOEMCP
FindResourceA
Sleep
VirtualFree
WriteFile
HeapCreate
WideCharToMultiByte
CreateProcessA
SizeofResource
InterlockedExchange
GetModuleHandleW
GlobalLock
GetACP
lstrcpynA
FindFirstFileA
SetUnhandledExceptionFilter
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
GetConsoleMode
RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
GetCurrentDirectoryA
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
GetModuleFileNameA
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
GetSystemInfo
UnmapViewOfFile
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
CompareStringA
lstrcpyA
FindNextFileW
lstrcmpA
FreeEnvironmentStringsW
CompareStringW
RemoveDirectoryA
GetProcAddress
DeleteFileW
SetEvent
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
CloseHandle
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
CreateFileA
SetFileAttributesA
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
lstrcmpiW
GetExitCodeProcess

gdi32

BitBlt
SetBkColor
DeleteObject
GetStockObject
CreateCompatibleDC
SelectObject
CreateSolidBrush
CreateCompatibleBitmap

oleaut32

VariantInit
SysFreeString
SysAllocStringLen
SysAllocString

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit

Sections

.text
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c78dea366a9f8c472f158e0d3de9fb

Headers

File Characteristics

Imports

version

user32

kernel32

gdi32

oleaut32

advapi32

msvcrt

Sections

.text Size: 203KB - Virtual size: 202KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 696B

.text
Size: 203KB - Virtual size: 202KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 696B