cc6731477c198e6b71e850eed8fe6bc4

Sharing

Copy URL Twitter E-mail

General

Target

cc6731477c198e6b71e850eed8fe6bc4
Size

326KB
MD5

cc6731477c198e6b71e850eed8fe6bc4
SHA1

a98977869f73c0053d4f8bc97704f670f18fcf94
SHA256

dd5862782fcfb6d5ae4006da3b315ca5d899dce03e608787bcf11431c1c81f63
SHA512

cba24d9f3b9d2faba5fbb4849c7f3081535d23c5d2c23fce5b02933e3b690351c0c89160aadae567ff3679bcd172397d8484d884f9de6129307f4cd8798cd58c
SSDEEP

6144:tpUJF0pqw1fhHH0T2Yd+60f8C3oyyFGoja:jUJS57Yr0rYFdja

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc6731477c198e6b71e850eed8fe6bc4

Files

cc6731477c198e6b71e850eed8fe6bc4
.exe windows:5 windows x86 arch:x86

ebe34ba74b44d8d1f52de93ca07194e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
CreateFontIndirectW
GetStockObject
GetTextMetricsW
GetDeviceCaps
GetTextExtentPoint32W
DeleteObject

shlwapi

StrToIntW
StrCSpnW
StrCmpW
StrSpnW
PathFindFileNameW
StrCmpNW
StrDupW
StrRChrW
StrCmpIW

ntdll

NtAllocateVirtualMemory

msvcrt

memcpy
_wcsnicmp
_initterm
memset
malloc
bsearch
_amsg_exit
_wcsicmp
_CxxThrowException
_vsnwprintf
_adjust_fdiv
free
_XcptFilter

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

samlib

SamAddMemberToAlias

kernel32

GetCurrentProcess
GetPrivateProfileStringA
GetSystemDefaultUILanguage
GetModuleFileNameW
GlobalAlloc
DeleteAtom
GetLastError
DisableThreadLibraryCalls
InterlockedExchange
LoadResource
FormatMessageW
GetFileSize
WritePrivateProfileStringW
CreateFileMappingW
TerminateProcess
WideCharToMultiByte
FindResourceW
WritePrivateProfileSectionA
lstrlenA
CompareStringW
InterlockedDecrement
AddAtomA
GlobalFree
LocalAlloc
FreeLibrary
lstrcmpiW
GetCurrentThreadId
LoadLibraryExW
FindAtomA
InitializeCriticalSection
GetSystemTimeAsFileTime
GetTickCount
lstrcmpW
QueryPerformanceCounter
RtlUnwind
CreateFileW
GetPrivateProfileSectionW
Sleep
SetLastError
WriteFile
LocalFree
DeleteCriticalSection
UnmapViewOfFile
MultiByteToWideChar
EnterCriticalSection
HeapAlloc
HeapReAlloc
LeaveCriticalSection
WritePrivateProfileSectionW
GetCurrentProcessId
GetPrivateProfileSectionA
HeapFree
SearchPathW
FindResourceExW
ReadFile
MapViewOfFile
GetUserDefaultUILanguage
GetVersionExW
lstrlenW
CloseHandle
UnhandledExceptionFilter
GetFileAttributesW
GetProcessHeap
InterlockedCompareExchange
SetFilePointer
GetPrivateProfileStringW
SetUnhandledExceptionFilter

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

user32

GetWindowRect
ShowWindow
SetWindowPos
DrawTextW
GetDlgItem
EndDialog
CreateWindowExW
SetScrollPos
SendMessageW
DefWindowProcW
DialogBoxParamW
MessageBoxW
GetClientRect
GetDC
CreateWindowExA
CallWindowProcW
RegisterClassA
ReleaseDC
UnregisterClassA
DestroyWindow
EnableWindow
SetScrollRange
GetParent
SetWindowTextW
MoveWindow
SetWindowLongW
LoadStringW
GetDlgItemTextW
GetScrollInfo
GetWindowTextW
GetWindowLongW
LoadCursorW
SetDlgItemTextW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ebe34ba74b44d8d1f52de93ca07194e3

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shlwapi

ntdll

msvcrt

ole32

samlib

kernel32

advapi32

user32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 292KB - Virtual size: 1.4MB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 3KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 292KB - Virtual size: 1.4MB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 3KB