c66460a399ced2c8a70ddc3080fbb439

General

Target

c66460a399ced2c8a70ddc3080fbb439
Size

49KB
MD5

c66460a399ced2c8a70ddc3080fbb439
SHA1

477dace545325fde676fc1b634832722b227bf6c
SHA256

e1540850d03a47774eda526f5e65b8f9c05b7b1f6bd05b0d5d3b2e53ff0cbf4c
SHA512

4efbccce2a380d771a46c2027dc00da03f203db297c19312eacc3fb14cda86a26bb69dd82aba95882ad5dc22ce611356058cc88ff1cf14b05c6e40e2641b6a39
SSDEEP

1536:hyGGvnqpxZwyBalNQiotoWutQHm3Nj6iTx:Svq/Zwy0YBCkShTx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c66460a399ced2c8a70ddc3080fbb439

Files

c66460a399ced2c8a70ddc3080fbb439
.exe windows:5 windows x86 arch:x86

95cf025b752b8ba1647f7484d79e4e54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
SetLastError
GetSystemTimeAsFileTime
IsBadReadPtr
FindResourceW
GetProcessTimes
GetFileSize
ExpandEnvironmentStringsW
GetTickCount
SetFileAttributesW
GetCurrentProcessId
lstrcatW
CreateProcessW
GetCommandLineA
lstrlenW
CreateFileMappingW
DisconnectNamedPipe
EnterCriticalSection
CreateThread
ReadFile
WaitForSingleObject
WriteProcessMemory
DeleteFileW
GetLogicalDrives
Sleep
GetModuleHandleA
GetTempPathW
FlushFileBuffers
GetExitCodeProcess
CreateMutexW
HeapAlloc
ResetEvent
lstrcpyA
UnmapViewOfFile
GetModuleFileNameW
ReleaseMutex
GetTempFileNameW
SetEvent
lstrcatA
GlobalUnlock
GetVersionExW
GlobalLock
GetCurrentThreadId
GetComputerNameW
SetFileTime
lstrlenA
CloseHandle
HeapReAlloc
FindFirstFileW
lstrcpynW
GetUserDefaultUILanguage
MapViewOfFile
GetFileSizeEx
GetProcessHeap
GetModuleFileNameA
MultiByteToWideChar
SetThreadPriority
FindNextFileW
MoveFileExW
CopyFileW
CreateEventW
HeapFree
FindClose
lstrcpyW
CreateFileW
WideCharToMultiByte
SetEndOfFile
GetLocalTime
LeaveCriticalSection
GetLastError
GetSystemTime
OpenProcess
GetTimeZoneInformation
GetDriveTypeW
lstrcmpiA
SystemTimeToFileTime
GetThreadPriority
GetFileTime
lstrcmpiW
OpenMutexW
CreateDirectoryW
SetFilePointer
WriteFile

user32

MsgWaitForMultipleObjects
GetWindowTextW
GetKeyState
OpenDesktopA
DrawIcon
GetMessageA
CloseWindowStation

Sections

.evwzmx
Size: 38KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diz
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.czabal
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95cf025b752b8ba1647f7484d79e4e54

Headers

File Characteristics

Imports

kernel32

user32

Sections

.evwzmx Size: 38KB - Virtual size: 60KB

.diz Size: 2KB - Virtual size: 5KB

.czabal Size: 7KB - Virtual size: 80KB

.evwzmx
Size: 38KB - Virtual size: 60KB

.diz
Size: 2KB - Virtual size: 5KB

.czabal
Size: 7KB - Virtual size: 80KB