c42bbc5c968cb8276a6d2b16ad53c900

Sharing

Copy URL Twitter E-mail

General

Target

c42bbc5c968cb8276a6d2b16ad53c900
Size

68KB
MD5

c42bbc5c968cb8276a6d2b16ad53c900
SHA1

0cf05e791300dec9a712a6695ed2f1786aecf9c8
SHA256

ddd96ec1a0672e6f8c2387ec9ee96f25cb13fbd35381dac3062bb0e678c47006
SHA512

6a727b00ddb33d175b150bcf1a8a868093ca878860becce2b50548a085e33afd227f8e244853111c5bddcb8905509535ef488005ac6584cbcd8da19c98696ac1
SSDEEP

768:SWyPRnzxkG0O7zc+w1tKbGHqZRACiB9CL37RuvUxhJoALQ18WDWXzMaF2w:dy5nzqG0O7TEtK9rpb7UvKoxCWI1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c42bbc5c968cb8276a6d2b16ad53c900

Files

c42bbc5c968cb8276a6d2b16ad53c900
.exe windows:4 windows x86 arch:x86

7752bdc3ac5857217ed73973a2b47e2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

InListString
SkipLRBlk
SetString
LineToString
pFrmtBuffer
VARLIST
CharAscii
GetTimeExt
RPEE
RFLV
RPED
RADDR
CheckProto
SaveKeyBuffers
PROGC
BCRound
FormatNumber
SearchString
bPrintFileName
AddSl
iDBXError
GetPartOfString
szTmpBuf
GetDate
ZNOFIL
GetLeftChar
ZSRVVER
GetTSRHandlers
ZSYSTEM
pvTerminateProgram
iNewFrmSpec
GetMemory
GetAllocMem
bOptimizeSearch
FreeMemory
DBXAccess
DBDatabase
DBClose
ZPREXTEND
psArgv
iArgc
ZTRADVER
PropertiesEx
BcxExit
GetIDSInfo
ZMINVER
ZMINVERUX
StrToUpper
pszCurrentModule
SkipRightBlk
pszSUBProto
GetRightChar
StrAdd
TABOffset
RestoreKeyBuffers
pInfoExe

bc32ui

EntryTerminateProgram
RTAB
RRA
RIF
RO
pszDecodMessage
SYSDATEXT
DefineXMLElement
DefineXMLAttr
PutXMLData2
DBCreateVars2
DBDefineStructs
CANVID
EntryInitProgramData
RCSRCH
SearchSTR
SYSDAT
cRowsRI
cColsRI
RI
KYM
ExitInitProgramData
wKeyFlags
DBRemoveVars
RCCHAN
ExitTerminateProgram
WgsInitData
szProgramName
pszID
DefineWindow
DefineLabel2
DefineEdit6
DefineButtonIvt
RRI
ZDECOD
RCI
RunWindow3
ABC
ZVIDCOMPVIS
WgsRestoreInputData
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
WgsStartAppThread
WgsRunMainThreadLoop
DefineFormat

kernel32

TerminateProcess
GetCurrentProcess
ExitProcess
GetStartupInfoA
GetCommandLineA
GetModuleHandleA
GetProcAddress
UnhandledExceptionFilter
GetVersion
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetModuleFileNameA
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStdHandle
GetFileType
SetHandleCount
HeapCreate
VirtualFree
HeapDestroy
RtlUnwind
WriteFile
HeapFree
DeleteFileA
GetStringTypeA
MultiByteToWideChar
GetCPInfo
GetACP
GetStringTypeW
HeapAlloc
VirtualAlloc
GetOEMCP
LoadLibraryA
HeapReAlloc
LCMapStringW
LCMapStringA
GetLastError

user32

PostQuitMessage

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7752bdc3ac5857217ed73973a2b47e2e

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

user32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 13KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 13KB