c44f9cdeae3bd9bb8bcf24cd19ef8412

Sharing

Copy URL Twitter E-mail

General

Target

c44f9cdeae3bd9bb8bcf24cd19ef8412
Size

87KB
MD5

c44f9cdeae3bd9bb8bcf24cd19ef8412
SHA1

c0fc09daa6e27a9a0ebcf6abe235711215195075
SHA256

336542dc8de2643347919e7280998ea3ab77898b75346552fd261be828017b32
SHA512

0b618e2dd24820fa0743cfae917aa8112fe1337289375b2ad9c9cd75c2678764d6cf197e7d3bed2fd0af8bf0f1dbd7dcc56a830046954a06eb70fb22365674a0
SSDEEP

1536:9Yeu8h4kFTyCf9eXMJmw7OhRyBZkKgwN0Gba4SotWgCOnvr0Pay5Ei1MU+hNf:eOCCVpJ1ZkNCmIBCO75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c44f9cdeae3bd9bb8bcf24cd19ef8412

Files

c44f9cdeae3bd9bb8bcf24cd19ef8412
.exe windows:5 windows x86 arch:x86

6b2c58246941b221706a9006e92cfff1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupPromptReboot
SetupDiClassNameFromGuidW
SetupGetSourceFileSizeW
SetupDefaultQueueCallback
pSetupStringTableDestroy
SetupInstallServicesFromInfSectionExA
SetupDiGetDeviceInstanceIdW
CM_Get_Log_Conf_Priority
CM_Query_And_Remove_SubTreeW
SetupQueueDefaultCopyA
SetupDiGetDriverInfoDetailW
CM_Get_Next_Log_Conf
CM_Get_Device_Interface_AliasA

kernel32

TlsGetValue
OpenJobObjectA
GetTickCount
LoadLibraryExA
GetSystemTimeAsFileTime
EnumResourceLanguagesA
VirtualAlloc
LoadLibraryA
DeleteAtom
DeviceIoControl
GetComputerNameExW
GetCommConfig
GetModuleHandleExA
GetCurrentProcessId
GetCurrencyFormatA
ReadConsoleInputA
lstrcmpiW
CreateMutexA
GetCurrentThreadId
QueryPerformanceCounter
Sleep

mpr

WNetDirectoryNotifyA
MultinetGetConnectionPerformanceW
WNetCancelConnectionA
WNetOpenEnumW
WNetEnumResourceA
WNetCancelConnectionW
WNetSupportGlobalEnum
WNetFormatNetworkNameA
WNetEnumResourceW
WNetSetLastErrorA
WNetGetConnection2A
WNetGetResourceParentW
WNetDisconnectDialog

msvcrt40

?peek@istream@@QAEHXZ
??_8ofstream@@7B@
abs
strstr
_ismbcl0
_heapmin
?fail@ios@@QBEHXZ
$I10_OUTPUT
??_7bad_typeid@@6B@
??_Difstream@@QAEXXZ
atexit
??1exception@@UAE@XZ
__RTCastToVoid
?blen@streambuf@@IBEHXZ

expsrv

EbGetObjConnectionCounts
__vbaObjAddref
rtcRightTrimBstr
__vbaLateMemNamedCallLd
__vbaLateIdCall
__vbaStrCy
rtcCos
EbSetContextWorkerThread
__vbaRedimVar2
rtcR8ValFromBstr
__vbaVarSetObj
__vbaForEachCollVar
__vbaVarLateMemSt
rtcStringBstr
TipInvokeMethod
__vbaVarSub

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b2c58246941b221706a9006e92cfff1

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

mpr

msvcrt40

expsrv

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 20KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 356B

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 20KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 356B