c236a9dbaddc7748334fb4114140868d

Sharing

Copy URL Twitter E-mail

General

Target

c236a9dbaddc7748334fb4114140868d
Size

2.6MB
MD5

c236a9dbaddc7748334fb4114140868d
SHA1

d3d89084e0c14352e621cecb60384721de5c3069
SHA256

54a85e84ab82c55a94076f1ee6a1698165acf483eeea9b3ca356b9fe06a4d0d5
SHA512

2c90972d0f9beaa0dc960cfca25bd3dea224a7b837fb66e7c63655bd4256249b02e8e7f0e5634f9bd5f33fee05c6b70b3d318c36fe0a58e95559188bf7f89b40
SSDEEP

49152:47q5e6aT0rV5GEWRWIChQ837b9pq4eX5oOi+0hz2FVJXmbXOVGFsLCJGsHmXiaZX:vZW8c83rqJHi+0zomberLlsHWiaZb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c236a9dbaddc7748334fb4114140868d

Files

c236a9dbaddc7748334fb4114140868d
.exe windows:4 windows x86 arch:x86

e56ecc49b5c9f107362ab199ec657184

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
ControlService
FreeSid
GetUserNameA
LockServiceDatabase
RegDeleteValueA
RegEnumValueA
RegQueryValueExA
SetServiceStatus
StartServiceCtrlDispatcherA
UnlockServiceDatabase

kernel32

AddAtomA
CloseHandle
CopyFileA
CreateEventA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExpandEnvironmentStringsA
FreeLibrary
GetComputerNameA
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetDriveTypeA
GetEnvironmentStringsA
GetFileAttributesA
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStdHandle
GetStringTypeA
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalFree
GlobalLock
HeapAlloc
HeapCreate
HeapDestroy
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
LoadResource
LocalFree
LockResource
Module32First
Module32Next
MulDiv
MultiByteToWideChar
OpenEventA
OpenProcess
OutputDebugStringA
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
RtlUnwind
SearchPathA
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetStdHandle
Sleep
SuspendThread
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualProtect
WriteConsoleA
lstrcpyA

ole32

CLSIDFromProgID
CoFreeUnusedLibraries
CoRevokeClassObject
CreateBindCtx
CreateStreamOnHGlobal
OleSaveToStream

user32

CharNextA
CharPrevA
DefWindowProcA
DestroyMenu
DialogBoxParamA
EnableWindow
EqualRect
FindWindowA
GetActiveWindow
GetClientRect
GetDesktopWindow
GetSysColorBrush
GetSystemMenu
GetWindowTextA
InflateRect
IntersectRect
InvalidateRect
IsRectEmpty
LoadCursorA
LoadStringA
MessageBoxA
PostMessageA
ReleaseDC
SetDlgItemInt
SetMenu
SetWindowLongA
SetWindowRgn
TranslateMessage
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

CODE
Size: 348KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e56ecc49b5c9f107362ab199ec657184

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

version

Sections

CODE Size: 348KB - Virtual size: 352KB

BSS Size: - Virtual size: 6.6MB

CRT Size: 2.3MB - Virtual size: 2.3MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

CODE
Size: 348KB - Virtual size: 352KB

BSS
Size: - Virtual size: 6.6MB

CRT
Size: 2.3MB - Virtual size: 2.3MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB