c347cc7dc7a810b6b811f5fe1afd0a2b

Sharing

Copy URL Twitter E-mail

General

Target

c347cc7dc7a810b6b811f5fe1afd0a2b
Size

2.4MB
MD5

c347cc7dc7a810b6b811f5fe1afd0a2b
SHA1

e6cc62f759207ab7077ce5b9c86fcfe9958e8360
SHA256

307831cf3691e3e23fdd8ae938ca6e1697a363313dd81b6f58ea45439485183d
SHA512

ffd033d811b963fe5474bc0b8908447716c0891ca68819d416fc231e38666de17ce28ccbeb2782a979ca72d869a84a426f214b2d57d00c907e898cde3a51d72d
SSDEEP

49152:jelWrKjJfxf9S7FJ8+nGYqqaWZ65GppayJ9k/D5u6H:jETdpo7w+GJqBZeGpcyJSL7H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c347cc7dc7a810b6b811f5fe1afd0a2b

Files

c347cc7dc7a810b6b811f5fe1afd0a2b
.exe windows:4 windows x86 arch:x86

cdb304aa08b2836751de25219a578e1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyW
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExW
RegQueryValueA
RegOpenKeyA
RegFlushKey
RegCreateKeyExA
RegCreateKeyW
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueW
RegQueryInfoKeyW
RegLoadKeyW
RegQueryInfoKeyA
RegLoadKeyW
RegEnumKeyExW
RegEnumKeyA
RegGetKeySecurity
RegQueryValueExW
RegOpenKeyExA
RegQueryInfoKeyW
RegFlushKey
RegQueryInfoKeyA
RegOpenKeyW
RegReplaceKeyA
RegCreateKeyExW
RegDeleteValueA
RegDeleteKeyW
RegOpenKeyA
RegLoadKeyA
RegQueryValueA

user32

DialogBoxParamA
AppendMenuW
IsMenu
AppendMenuA
GetDC
BlockInput
GetWindowTextLengthA
AlignRects
DrawTextA
GetFocus
LoadCursorA
CalcMenuBar
GetDlgItem
CloseWindow
CopyImage
DrawIconEx
DrawTextW
GetWindowTextA
GetMenu
CopyIcon
CreateIcon
LoadMenuA
EndDialog

kernel32

SetLastError
WriteFile
ReadFile
CreateThread
GetLastError
ReadConsoleW
CreateDirectoryA
GlobalFree
GetFileSize
OpenFile
CopyFileExW
GetCPInfo
FindAtomA
GetFileTime
GetConsoleMode
GetCommandLineA
CopyFileW
GetFileTime
ReadFile
WriteFile
DeleteAtom
DeleteFileA
ExitThread
CopyFileExW
CopyFileA
FindFirstFileA
DeleteFileW
GetComputerNameA
OpenFile
GetFileSize
GetLastError
ReadConsoleA
GetCPInfo
OpenFileMappingA
DeleteFileW
CreateDirectoryA
GlobalFree
GetCommandLineA
Sleep
GetCPInfo
DeleteFileA
GetStdHandle
ReadConsoleW
ExitThread
GetComputerNameA
GetLastError
OpenFile
CopyFileA
CreateThread

comctl32

ImageList_DragMove
ImageList_GetImageCount
ImageList_EndDrag
ImageList_Copy
ImageList_DragEnter
ImageList_LoadImageW
ImageList_GetDragImage
ImageList_DragLeave
ImageList_AddMasked
ImageList_LoadImage
InitCommonControls
ImageList_Draw
ImageList_Create
ImageList_AddIcon
ImageList_LoadImageA
ImageList_Merge
ImageList_ReplaceIcon
ImageList_DrawIndirect
ImageList_Remove
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_Destroy

Sections

CODE
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eHncDH
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdyBJj
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 2.1MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IobYOV
Size: 4KB - Virtual size: 305B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hAGKyD
Size: 4KB - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdcEys
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdb304aa08b2836751de25219a578e1c

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

CODE Size: 260KB - Virtual size: 258KB

.eHncDH Size: 8KB - Virtual size: 5KB

.kdata Size: 4KB - Virtual size: 2KB

.hdyBJj Size: 8KB - Virtual size: 6KB

.hdata Size: 2.1MB - Virtual size: 6.9MB

.IobYOV Size: 4KB - Virtual size: 305B

.hAGKyD Size: 4KB - Virtual size: 536B

.zdcEys Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 4KB

CODE
Size: 260KB - Virtual size: 258KB

.eHncDH
Size: 8KB - Virtual size: 5KB

.kdata
Size: 4KB - Virtual size: 2KB

.hdyBJj
Size: 8KB - Virtual size: 6KB

.hdata
Size: 2.1MB - Virtual size: 6.9MB

.IobYOV
Size: 4KB - Virtual size: 305B

.hAGKyD
Size: 4KB - Virtual size: 536B

.zdcEys
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 4KB