c348cea7aa3d910f21b27fbf7eb8a4e9

Sharing

Copy URL Twitter E-mail

General

Target

c348cea7aa3d910f21b27fbf7eb8a4e9
Size

59KB
MD5

c348cea7aa3d910f21b27fbf7eb8a4e9
SHA1

4324d95a00346b0b449c9564c182ca6cc280414a
SHA256

08d129360c30114dd5dbe8d47967fdfd35ca02e7bc468ea1974401b018696dda
SHA512

ca6965d38409523fb4dc5b2f09f9296d8ffd0e66a0f2c386233fa916ae8c500570c3f55ffd1961913ce4a3714e4ba2a6ea64611e7697efdd8409ed5c16fab528
SSDEEP

1536:+N4hq1AzOeNQZZaF+CZW1kkPwFt4Q3tEa0nn:eAzLfskt4hae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c348cea7aa3d910f21b27fbf7eb8a4e9

Files

c348cea7aa3d910f21b27fbf7eb8a4e9
.exe windows:4 windows x86 arch:x86

0f976ab5fcb51e0450595eae0339f834

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
CreateMutexW
ReleaseMutex
GetWindowsDirectoryW
QueryPerformanceCounter
GetSystemTime
GetLocalTime
CreateFileW
MoveFileExA
GetDateFormatA
FreeResource
FindResourceA
LoadResource
GetProcessHeap
GetSystemTimeAsFileTime
GetCPInfo
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
SetFileAttributesA
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
GetProfileStringW
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
Sleep
IsValidCodePage
GetOEMCP
GetACP
InitializeCriticalSection
LoadLibraryA
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
DuplicateHandle
SetErrorMode
SetUnhandledExceptionFilter
WinExec
GetEnvironmentVariableW
GetExitCodeProcess
PeekNamedPipe
CreatePipe
TerminateProcess
GetVersionExW
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
VirtualFree
HeapCreate
HeapDestroy
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapFree
GetVersionExA
HeapAlloc
GetStartupInfoA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection

user32

LoadCursorA
CreateMenu
RegisterWindowMessageA
ExitWindowsEx
UnregisterHotKey
GetWindowThreadProcessId
DispatchMessageA
PostMessageW
SendMessageW
GetClientRect
GetForegroundWindow
GetSystemMetrics
GetWindowRect
DrawTextA
CheckDlgButton
SetWindowTextA
EnumWindows
IsDialogMessageA
CallNextHookEx
SendMessageA
GetClassNameA
DefWindowProcW
GetAsyncKeyState
GetWindowLongA
GetMessagePos
GetClassInfoExA
FindWindowA
ReleaseDC
GetDC

gdi32

AbortDoc
SetRectRgn
CombineRgn
EndDoc
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
StretchDIBits
SetAbortProc

ws2_32

WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAAddressToStringA
socket
send
recv
select
inet_addr
inet_ntoa
ntohl
listen
ioctlsocket
WSACleanup
WSAStartup

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f976ab5fcb51e0450595eae0339f834

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

Sections

.text Size: 45KB - Virtual size: 44KB

.data Size: 11KB - Virtual size: 82KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 44KB

.data
Size: 11KB - Virtual size: 82KB

.rsrc
Size: 1KB - Virtual size: 1KB