c3ca822c0d8c1abffda67fcf6264336e

Sharing

Copy URL

Twitter E-mail

General

Target

c3ca822c0d8c1abffda67fcf6264336e
Size

59KB
MD5

c3ca822c0d8c1abffda67fcf6264336e
SHA1

32abffa8b4417261823eeee9354b4cf5c8ebd0c3
SHA256

20271ea1004880aec625f5940c9780c32cc754b7052e6c5d2b3a87499e44f026
SHA512

6a925aaa90db7870c152904aa6e09d967756409615f496a122159de6817f6a50711b949e9223f1db89c209c7c8369b3443c66969808f9ff86da2f5933fb8cdd6
SSDEEP

768:b26UI4fCJG4GWL6ralWKeryCMC0rWIAbpAt2U4lg/8oDFcnxy9pwvbGAZnT6j+Ft:SS4OG86rmCMW1a0bxTYjW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3ca822c0d8c1abffda67fcf6264336e

Files

c3ca822c0d8c1abffda67fcf6264336e
.exe windows:5 windows x86 arch:x86

c41cc7d7ddd0f7590a041341a85658ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\hPKyFBSbeT\wHTYIjadCpgf\urOpezdyBw\yuqoJwbh\CTsHayvm.pdb

Imports

shlwapi

StrToIntW

kernel32

GlobalLock
lstrcmpiA
HeapCreate
LocalUnlock
lstrcpyW
lstrlenA
SetCommMask
GetCommandLineA
GetSystemDefaultUILanguage
SetCurrentDirectoryW
IsDBCSLeadByte
InitializeCriticalSection
ClearCommBreak
DeleteCriticalSection
MoveFileExW
CompareStringA
GetSystemDirectoryA
LocalReAlloc
VerifyVersionInfoW
lstrcpynA
lstrlenW
ReadFile
SleepEx
WriteFile
SetTimerQueueTimer
GetProcAddress
EnumResourceLanguagesA
GetFileAttributesExA
GetDateFormatA
HeapUnlock
GlobalUnlock
CreateMutexA
SetEvent
SetThreadAffinityMask
GetTimeFormatA
GetNumberFormatA
FileTimeToSystemTime
ConvertDefaultLocale
SetFileAttributesA
EnterCriticalSection
LoadLibraryA
HeapValidate
CreatePipe
lstrcpyA
GetTempPathW
TerminateThread
GetTempPathA
AreFileApisANSI
TlsSetValue
SetUnhandledExceptionFilter
VirtualAlloc
GetComputerNameExA
SetCommTimeouts
SetupComm
GetFileType

msvcrt

swprintf
_controlfp
towlower
fflush
__set_app_type
wcsstr
__p__fmode
__p__commode
_amsg_exit
wcsncpy
strtok
getc
fwrite
_initterm
_ismbblead
fclose
putchar
fgets
isupper
_XcptFilter
fputc
_exit
_cexit
malloc
__setusermatherr
strcoll
rand
realloc
clock
iswdigit
iswspace
__getmainargs
sscanf
fread
printf
strerror
isdigit
strstr
iswctype
strspn
isalnum
iswalpha
wcstombs
wcschr
wcscoll
strtol
atol

user32

DispatchMessageW
ShowOwnedPopups
DrawTextExW
SetWindowTextW
GetKeyboardLayoutList
DialogBoxIndirectParamW
ScrollWindowEx
RegisterHotKey
WindowFromPoint
SetWindowPos
SetDlgItemTextW
MoveWindow
CharLowerA
CreateWindowExA
AttachThreadInput
GetWindowPlacement
GetMenuCheckMarkDimensions
GetDialogBaseUnits
PostThreadMessageW
ChildWindowFromPoint
CharNextA
CharToOemBuffA
LoadIconA
InsertMenuItemW
IsCharAlphaNumericW
GetLastActivePopup
GetSysColorBrush
EndPaint
MapVirtualKeyW
MessageBoxExW
GetKeyNameTextW
SetUserObjectInformationW
SetScrollRange
CharToOemW
IsCharUpperA
IsCharLowerA
FindWindowW
AppendMenuA
GetWindowTextLengthW
wsprintfA
DefDlgProcA
GetClassNameW
GetKeyboardLayout
SetClassLongW
GetDoubleClickTime
GetNextDlgGroupItem
GetWindowDC
GetClassInfoA
OpenIcon
GetIconInfo
MessageBoxExA
DrawTextW
DrawIcon
CallWindowProcA
CreateWindowExW
ChangeMenuW
HiliteMenuItem
CreateIconFromResource
GetMessageExtraInfo
GetWindowRect
ArrangeIconicWindows
GetMenuStringW
LoadAcceleratorsA
CharUpperW
AdjustWindowRectEx
InsertMenuA
GetDC
GetActiveWindow
CreateIconIndirect
SetDlgItemInt
CreateMenu
GetClipCursor
GetDCEx
IsMenu
PostMessageA
SetWindowRgn
DeleteMenu
FrameRect
EqualRect
LoadImageA
BeginDeferWindowPos
GetMenuState
CharLowerBuffW
CreateAcceleratorTableW
UpdateWindow
UnionRect
OpenDesktopW
EnumWindows
MapWindowPoints
TileWindows
TrackPopupMenuEx
GetMessagePos
DestroyCaret
DrawStateW
CreateCaret
AppendMenuW
EnableScrollBar
DrawFocusRect
GetParent
GetUpdateRgn
CharUpperA
SendMessageW
SetTimer
LoadBitmapA
CharLowerW
DeferWindowPos
GetSysColor
GetScrollPos
GetClientRect
SendMessageTimeoutA
DestroyIcon
GetScrollRange
OemToCharA
MapVirtualKeyExW
OemToCharBuffA
GetUpdateRect
CreateDialogParamW
GetDlgItem
DrawTextA
SendDlgItemMessageA
TrackPopupMenu

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseFontW
GetFileTitleW
FindTextW

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.insec
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inmin
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 1024B - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c41cc7d7ddd0f7590a041341a85658ea

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

msvcrt

user32

comdlg32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.bit Size: 1KB - Virtual size: 1KB

.insec Size: 6KB - Virtual size: 5KB

.inmin Size: 512B - Virtual size: 86B

.wall Size: 1024B - Virtual size: 62KB

.zdata Size: 12KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.bit
Size: 1KB - Virtual size: 1KB

.insec
Size: 6KB - Virtual size: 5KB

.inmin
Size: 512B - Virtual size: 86B

.wall
Size: 1024B - Virtual size: 62KB

.zdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 1KB - Virtual size: 1KB