c171809aeff93cc4be7e33ff95fc3da6

Sharing

Copy URL

Twitter E-mail

General

Target

c171809aeff93cc4be7e33ff95fc3da6
Size

491KB
MD5

c171809aeff93cc4be7e33ff95fc3da6
SHA1

0ac48105991bfc535d4a42c73b09b8d3457b506c
SHA256

9e53f2b03d65bae7e0041c95337256e3f1f84158df0b5431a42faf9ddb6abc8a
SHA512

9c84bf2c7ca487d349309e9c9d9a9142fa5a982934e49984025d76d7745b1227c9cfd9a53e119906de98fd877d277d1e0b6ed7739cd3ffbfcb6f8c113b2310e1
SSDEEP

12288:22kB8Gy1BwPqGeRoQM1ObNhfGMCduFbQnIkp9G:22kB81BwPfe21EGDd7nI3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c171809aeff93cc4be7e33ff95fc3da6

Files

c171809aeff93cc4be7e33ff95fc3da6
.exe windows:4 windows x86 arch:x86

fda37d85036838115d8a73222bd5f8c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetCurrentThreadId
GetConsoleScreenBufferInfo
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
TerminateProcess
ExitProcess
SetStdHandle
SetLastError
CloseHandle
LocalAlloc
TlsSetValue
InterlockedDecrement
GetModuleFileNameW
GetLocalTime
GetProcAddress
SetHandleCount
QueryPerformanceCounter
GetProfileStringW
GetCPInfo
GetVersion
TlsGetValue
HeapDestroy
CreateMutexA
EnterCriticalSection
OpenEventW
GetCurrentProcess
GetCurrentProcessId
HeapCreate
InterlockedExchange
VirtualQuery
GetTickCount
InterlockedIncrement
InitializeCriticalSection
GetStringTypeA
CompareStringW
GetStdHandle
WriteFile
WriteConsoleInputW
UnhandledExceptionFilter
GetCommandLineA
GetLastError
HeapReAlloc
GetStartupInfoA
HeapFree
LoadLibraryA
ReadFile
CreateEventA
GetStringTypeW
RtlUnwind
LCMapStringW
GetTimeZoneInformation
LCMapStringA
SetEnvironmentVariableA
GetModuleHandleA
HeapAlloc
TlsFree
LeaveCriticalSection
FlushFileBuffers
TlsAlloc
OpenMutexA
SetFilePointer
SetLocaleInfoA
GetCommandLineW
GetModuleFileNameA
CompareStringA
GetStartupInfoW
IsBadWritePtr
SetConsoleScreenBufferSize
VirtualFree
GetSystemTime
CreateDirectoryA
EnumCalendarInfoExW
GetEnvironmentStringsW
GetExitCodeThread
MultiByteToWideChar
GetCurrentThread
WideCharToMultiByte
GetFileType
VirtualAlloc

user32

ChangeDisplaySettingsExW
EnableScrollBar
InternalGetWindowText
CreateIcon
GetKeyboardLayoutNameW
LoadStringW
GetKeyNameTextA
AttachThreadInput
SetClassWord
CharUpperA
RegisterClipboardFormatW
SendDlgItemMessageW
DestroyCursor
CallWindowProcA
RegisterClassExA
CreateMDIWindowW
CreateIconIndirect
GetClipboardViewer
GetMenuItemID
AnimateWindow
GetTabbedTextExtentA
RegisterClassA
GetKeyboardLayoutNameA
GetClassNameA

comctl32

InitCommonControlsEx

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda37d85036838115d8a73222bd5f8c9

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 4KB - Virtual size: 31KB

.data Size: 311KB - Virtual size: 311KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 4KB - Virtual size: 31KB

.data
Size: 311KB - Virtual size: 311KB

.rsrc
Size: 6KB - Virtual size: 6KB