c1756a2d5cf7031e7d732d663cbc3d8a

Sharing

Copy URL Twitter E-mail

General

Target

c1756a2d5cf7031e7d732d663cbc3d8a
Size

79KB
MD5

c1756a2d5cf7031e7d732d663cbc3d8a
SHA1

aea35d1d154a9d3324d34ba6ec325dcaaec585e7
SHA256

96968892b1230e41c595cec8bb26ed6a7fb202f21d68360e835036be387999a4
SHA512

cdd67b19b5162e5ebaea8b4e66e887dd0c17e7942acb4e00dd80d6726dd224f5c1c75bec75f73a21886cfe22503f6805d12c435a2850883b536c2a797f81ace5
SSDEEP

1536:qWtAiq0zeDSnDY+4MqDPWl4BLJVCmR9++l/KKH:Vc0ICYdXDulMimR9++l/KKH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1756a2d5cf7031e7d732d663cbc3d8a

Files

c1756a2d5cf7031e7d732d663cbc3d8a
.exe windows:4 windows x86 arch:x86

7d3131b3d26478c7a35c40826b17d158

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
ReleaseMutex
GetLastError
CreateMutexA
DeleteFileA
CloseHandle
WaitForSingleObject
CreateProcessA
GetPrivateProfileStringA
GetPrivateProfileIntA
Sleep
WriteFile
CreateFileA
GetFileSize
lstrlenW
GetModuleHandleA
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapFree
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetFilePointer
LoadLibraryA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
InterlockedExchange
GetThreadLocale
GetLocaleInfoA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
HeapSize
TerminateProcess
GetProcAddress
GetACP
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetCurrentProcessId
ExitProcess
RtlUnwind
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount

user32

GetMessageA
PeekMessageA
TranslateMessage
IsDialogMessageA
CreateDialogParamA
DefWindowProcA
PostMessageA
KillTimer
DispatchMessageA
SetWindowLongA
UnregisterClassA
DestroyWindow
CharNextA
EndDialog
GetActiveWindow
DialogBoxParamA
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
PostQuitMessage

advapi32

RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntry
InternetOpenA

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d3131b3d26478c7a35c40826b17d158

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 5KB