c80bd60cbaa7b7a20dd60ae7dd3c8376

Sharing

Copy URL Twitter E-mail

General

Target

c80bd60cbaa7b7a20dd60ae7dd3c8376
Size

505KB
MD5

c80bd60cbaa7b7a20dd60ae7dd3c8376
SHA1

b0ddeabe2f33149c9bf1632b17ddbe33121181c8
SHA256

77f63b73c5549ac3cb15410cbb18dc1d3a75041cc25f4965d42202164a0da420
SHA512

0035fb406763889879801541d8968a4c6f0f18320e4882d31c9b036f4ac02a77ed1b97666bbdc8bf2322e247ae7925592b54d1229b1c512e272f2a6dd227be93
SSDEEP

12288:CHndt851ZqFi9R+FF6R361dA/RfqNXEPsxf9L2O2+xwDUXmWdlE:CH/YZqZM/RvAfN2+kcm2e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c80bd60cbaa7b7a20dd60ae7dd3c8376

Files

c80bd60cbaa7b7a20dd60ae7dd3c8376
.exe windows:4 windows x86 arch:x86

2bcd99e10226e1f748472efe95b9cc8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocaleInfoW
GetOEMCP
GetUserDefaultLangID
CommConfigDialogW
GetDateFormatA
GetTempFileNameW
HeapAlloc
SetStdHandle
LeaveCriticalSection
InterlockedDecrement
SetConsoleCtrlHandler
VirtualProtect
CommConfigDialogA
CompareStringA
VirtualFree
LCMapStringW
TlsSetValue
GetLastError
GetLocaleInfoA
OpenWaitableTimerW
IsValidCodePage
EnterCriticalSection
GetLocaleInfoW
EnumSystemLocalesA
FindResourceExW
GetStringTypeA
OutputDebugStringA
GetFileType
GetProcAddress
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetThreadPriority
DeleteCriticalSection
SetConsoleActiveScreenBuffer
GetStringTypeW
VirtualQuery
InitializeCriticalSection
SetFilePointer
IsBadReadPtr
CloseHandle
GetTimeFormatA
MultiByteToWideChar
GetCurrentThread
HeapReAlloc
HeapValidate
ExitProcess
EnumResourceNamesA
WriteFile
VirtualAlloc
SetLastError
QueryPerformanceCounter
GetCurrentProcess
GetVersionExA
GetModuleHandleA
FreeEnvironmentStringsW
GetTimeZoneInformation
GetUserDefaultLCID
GetCurrentThreadId
IsBadWritePtr
TlsFree
DebugBreak
GetCPInfo
GetCurrentProcessId
UnhandledExceptionFilter
HeapCreate
CompareStringW
IsDebuggerPresent
GetTickCount
GetStdHandle
SetPriorityClass
FreeEnvironmentStringsA
IsValidLocale
InterlockedIncrement
RtlUnwind
FlushFileBuffers
GetSystemTimeAsFileTime
InterlockedExchange
HeapDestroy
GetACP
GlobalGetAtomNameW
GetCommandLineA
TlsGetValue
GetStartupInfoA
GetSystemInfo
HeapFree
TerminateProcess
LoadLibraryA
GetProcessAffinityMask
SetEnvironmentVariableA
WideCharToMultiByte
FindFirstFileW
GetModuleFileNameA
LCMapStringA
GlobalFree
TlsAlloc
OpenEventA

comdlg32

ReplaceTextA
PageSetupDlgW
GetFileTitleW
FindTextA
GetOpenFileNameW
FindTextW
PrintDlgW
ChooseFontA
ChooseFontW
ChooseColorW
GetSaveFileNameA
LoadAlterBitmap
GetSaveFileNameW
ReplaceTextW
ChooseColorA
PrintDlgA
GetFileTitleA
GetOpenFileNameA

wininet

FindFirstUrlCacheContainerW
HttpOpenRequestW
InternetCreateUrlA
UnlockUrlCacheEntryStream
SetUrlCacheConfigInfoA
CommitUrlCacheEntryW
InternetGetCertByURL
InternetCanonicalizeUrlA
GetUrlCacheEntryInfoW
FtpGetFileW
SetUrlCacheEntryGroup
HttpSendRequestW

gdi32

SetROP2
CreateDIBSection
GetCharABCWidthsA
GetBitmapDimensionEx
EnumICMProfilesW
ResetDCW
GetPolyFillMode
RectVisible
GetTextAlign

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bcd99e10226e1f748472efe95b9cc8d

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

gdi32

Sections

.text Size: 178KB - Virtual size: 178KB

.data Size: 318KB - Virtual size: 330KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 178KB - Virtual size: 178KB

.data
Size: 318KB - Virtual size: 330KB

.rsrc
Size: 8KB - Virtual size: 7KB