c9cca72b8e2760887ebd1cfb2a6abc8b

Sharing

Copy URL Twitter E-mail

General

Target

c9cca72b8e2760887ebd1cfb2a6abc8b
Size

11.6MB
MD5

c9cca72b8e2760887ebd1cfb2a6abc8b
SHA1

13c5680b8ccde34b9a0f7219c19e7afbcd0ac92f
SHA256

8ff2d4df8c0d3c6fa19dc5f68a0d10711e16b675c587d705ab26605828d89d2c
SHA512

07dd2a7e32a04e8c43cc2e76dab5aec575225c821e165779f7f172997171785ed331e47e6aeebb3ad034947fc2278413685e14ddb6ba24d68b4625d8b8961a3b
SSDEEP

196608:yVY+O7AMOVacTH/UfsjxMJ5e292Eh1nvl93em4E73irn4KlYfzDDZ6Nb5WFbfLJG:6Y+mOVacTfUfsyJ5eY2E/vemN8n4KlYS

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack001/VSE800.Nap
unpack001/VSE800Reports.Nap
unpack001/Vse800UpdateForEPO30.exe

Files

c9cca72b8e2760887ebd1cfb2a6abc8b
.zip
Contact.Txt
McAvscv.scv
Packing.lst
PkgCatalog.z
ReadMe.Txt
Setup.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

NOS0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NOS1
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SignLic.Txt
VS800Det.mcs
VSE800.Nap
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VSE800Reports.Nap
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vse800UpdateForEPO30.exe
.exe windows:4 windows x86 arch:x86

72ce95e9b565778f5e0e16aafb55f42e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetACP
LCMapStringA
LCMapStringW
WideCharToMultiByte
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetStringTypeA
GetLastError
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
FreeLibrary
GetOEMCP
WriteFile
MultiByteToWideChar
GetEnvironmentStringsW
GetEnvironmentStrings
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapFree
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree

user32

MessageBoxA
LoadStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ole32

OleInitialize
OleUninitialize

version

GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
example.sms

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

NOS0 Size: - Virtual size: 52KB

NOS1 Size: 51KB - Virtual size: 52KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 4KB - Virtual size: 1KB

Headers

File Characteristics

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 4KB - Virtual size: 1KB

72ce95e9b565778f5e0e16aafb55f42e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

version

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 8KB

NOS0
Size: - Virtual size: 52KB

NOS1
Size: 51KB - Virtual size: 52KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 8KB