c9f5fc35c229538f7e8d2704b4101ebd

Sharing

Copy URL Twitter E-mail

General

Target

c9f5fc35c229538f7e8d2704b4101ebd
Size

284KB
MD5

c9f5fc35c229538f7e8d2704b4101ebd
SHA1

a2b31653c462701c21ee574b55dc4e27558486f6
SHA256

42bbcb5c94261c14184fda951a8e2ab8d9a7182829e75c83431c0cce1deeac01
SHA512

a098256459bbac8d2333a84c31474466bbcdded6661b09e29115262135393a4ae7b99191f998010cce5a025411eaeda82d18baafa6b160c9e7d882e0099ae761
SSDEEP

3072:bbHW2aQXz3ePBk0f3Zb+xZQ4CAS1ZNESI8tjv9ihfDlNl/5PfU9C9R5UTq5t8mJ:vvavBk0fJbjZ+8lihfrc9CjUm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9f5fc35c229538f7e8d2704b4101ebd

Files

c9f5fc35c229538f7e8d2704b4101ebd
.dll windows:4 windows x86 arch:x86

5f6d1e561c9f1c4aae6d9a190fb714ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

x:\projects\hjhp\component\release(prod)\CPSChromeAddOn.pdb

Imports

kernel32

WideCharToMultiByte
SetEvent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
GetProcAddress
OutputDebugStringW
DebugBreak
lstrlenA
InterlockedIncrement
InterlockedDecrement
lstrlenW
MultiByteToWideChar
WaitForSingleObject
ReleaseMutex
CreateMutexW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
GetLastError
HeapFree
GetProcessHeap
GetVersionExW
GetFileAttributesW
FreeLibrary
LoadLibraryA
CloseHandle
GetTempPathW
CreateDirectoryW
GetModuleHandleA
GetCurrentProcess
OutputDebugStringA
FormatMessageW
GetVersion
GetSystemInfo
SetLastError
GlobalAlloc
GetTickCount
GlobalFree
OpenFile
RemoveDirectoryW
GetModuleFileNameA
IsBadReadPtr
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetStdHandle
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
VirtualAlloc
HeapSize
SetFilePointer
ReadFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

UnregisterClassA
GetSystemMetrics
LoadStringW
SetWindowLongW
BeginPaint
GetClientRect
FrameRect
EndPaint
DefWindowProcW
MessageBoxW
wvsprintfW
CharNextW

gdi32

GetStockObject

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyW
RegCloseKey

oleaut32

SysAllocString
SysFreeString
VariantClear

shlwapi

UrlGetPartW

wininet

InternetOpenW
HttpQueryInfoW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
HttpOpenRequestW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.smiley
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.oex
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5f6d1e561c9f1c4aae6d9a190fb714ef

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

oleaut32

shlwapi

wininet

version

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 106KB

.smiley Size: 12KB - Virtual size: 9KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 12KB

.oex Size: 16KB - Virtual size: 13KB

.text
Size: 108KB - Virtual size: 106KB

.smiley
Size: 12KB - Virtual size: 9KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 12KB

.oex
Size: 16KB - Virtual size: 13KB