c8e42d18db604a90efdbc3beb109bc21

Sharing

Copy URL Twitter E-mail

General

Target

c8e42d18db604a90efdbc3beb109bc21
Size

54KB
MD5

c8e42d18db604a90efdbc3beb109bc21
SHA1

817dbbb602411c06554585bdd3d8fd13c616a701
SHA256

e4146f1a9a62d7c757dcd096b0a91fbe9b57ad5067be5b83b5be455c798b27e7
SHA512

2ecdb50a7c86fc48485105c627f9a3f3f428d05b92cad516b536fbf07fb4a1dddaf26e37c91b7b9eb8f9d33c159058b38a15764d4e5d13659c351520d59c7236
SSDEEP

768:RUwW6o/mUd0jSJbr7J5MBuiHVtrlVnnGqHRT7TaFxyfj7cdC+/Ih:RUwjo+m00r7JcuYXnGqd7Tgg/CtIh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e42d18db604a90efdbc3beb109bc21

Files

c8e42d18db604a90efdbc3beb109bc21
.exe windows:4 windows x86 arch:x86

e6eb491bc34f67fd68155da1bc636824

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
Beep
CallNamedPipeW
CloseHandle
ConnectNamedPipe
CreateDirectoryExW
CreateEventA
CreateMutexW
DefineDosDeviceW
EnumCalendarInfoA
EnumResourceLanguagesW
ExitProcess
FindNextChangeNotification
FlushFileBuffers
FlushViewOfFile
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfoExA
GetCPInfoExW
GetCommProperties
GetCommandLineW
GetConsoleCommandHistoryLengthW
GetConsoleFontSize
GetCurrencyFormatA
GetCurrentConsoleFont
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleW
GetProfileIntA
GetStartupInfoW
GetSystemDirectoryA
GetSystemTime
GetTapeStatus
GetThreadPriority
GetTimeFormatA
GetTimeFormatW
GetVersion
GetVersionExW
GlobalFindAtomA
GlobalUnlock
Heap32Next
HeapCompact
HeapValidate
HeapWalk
IsDBCSLeadByteEx
IsDebuggerPresent
LoadModule
LocalAlloc
LocalFree
MapViewOfFileEx
OpenEventW
OpenFile
QueryDosDeviceW
ReadConsoleW
ReadConsoleInputA
SetCommTimeouts
SetComputerNameW
SetConsoleCtrlHandler
SetConsoleIcon
SetFileApisToANSI
SetLastError
SetLocalTime
SetProcessWorkingSetSize
SetSystemTime
SetThreadPriority
SuspendThread
VDMConsoleOperation
VirtualProtect
VirtualQuery
VirtualQueryEx
WriteConsoleOutputA
WritePrivateProfileSectionW
WritePrivateProfileStringW
WriteProcessMemory
WriteProfileSectionA
WriteProfileSectionW
_lclose
_lread
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpynA

user32

CallWindowProcW
CascadeWindows
ChangeMenuW
CharUpperA
CharUpperW
ChildWindowFromPointEx
CloseWindow
CopyAcceleratorTableW
CreateAcceleratorTableW
CreateMDIWindowA
CreateWindowExW
DdeGetQualityOfService
DdePostAdvise
DdeReconnect
DialogBoxParamW
DlgDirListA
DlgDirListComboBoxA
DragDetect
DrawCaption
DrawFrameControl
DrawStateA
DrawStateW
DrawTextExA
EditWndProc
EnableMenuItem
EnableScrollBar
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetClipCursor
GetComboBoxInfo
GetCursor
GetCursorInfo
GetDCEx
GetFocus
GetForegroundWindow
GetMenu
GetParent
GetProcessWindowStation
GetUpdateRgn
GetWindowDC
GetWindowThreadProcessId
IMPGetIMEA
InvertRect
IsCharAlphaNumericA
IsClipboardFormatAvailable
IsWindow
IsZoomed
LoadBitmapW
LoadCursorA
LoadImageW
LoadStringA
LoadStringW
MonitorFromPoint
PostMessageA
RemoveMenu
SetCaretBlinkTime
SetClassLongA
SetClassWord
SetDebugErrorLevel
SetMenuItemInfoA
SetMessageExtraInfo
SetPropW
SetSysColors
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
ShowCursor
TabbedTextOutW
TileWindows
TrackMouseEvent
TranslateAcceleratorA
UnhookWinEvent

gdi32

AngleArc
CreateFontW
CreatePolygonRgn
EndPath
EnumFontFamiliesExA
EnumICMProfilesA
EnumICMProfilesW
EnumObjects
Escape
ExcludeClipRect
ExtCreateRegion
ExtEscape
GdiComment
GdiFlush
GdiGetBatchLimit
GetAspectRatioFilterEx
GetBkColor
GetBkMode
GetBoundsRect
GetBrushOrgEx
GetCharWidthFloatA
GetCharacterPlacementA
GetClipBox
GetClipRgn
GetColorSpace
GetCurrentObject
GetDCOrgEx
GetDIBits
GetICMProfileW
GetMetaFileA
GetNearestPaletteIndex
GetOutlineTextMetricsA
GetPixel
GetTextCharset
GetTextFaceA
GetViewportExtEx
InvertRgn
PolyTextOutW
PtInRegion
RemoveFontResourceW
ResetDCW
RestoreDC
SetBkMode
SetPixelFormat
SetTextJustification
SetWinMetaFileBits
StartDocA
StrokeAndFillPath
gdiPlaySpoolStream

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kimg
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdhJ
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6eb491bc34f67fd68155da1bc636824

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 6KB - Virtual size: 7KB

.data Size: 36KB - Virtual size: 45KB

.kimg Size: 4KB - Virtual size: 10KB

.pdhJ Size: 5KB - Virtual size: 10KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 7KB

.data
Size: 36KB - Virtual size: 45KB

.kimg
Size: 4KB - Virtual size: 10KB

.pdhJ
Size: 5KB - Virtual size: 10KB

.reloc
Size: 1024B - Virtual size: 4KB