cc7cdedfdb13b5a51263c76c66e29d12

Sharing

Copy URL Twitter E-mail

General

Target

cc7cdedfdb13b5a51263c76c66e29d12
Size

463KB
MD5

cc7cdedfdb13b5a51263c76c66e29d12
SHA1

5e8983eec8c699380f4b60974a5b8dbad7c8895a
SHA256

d715798cb468772984a80ca5a3f678fbfa0a91cd63e417c9e1e46f99a89fc97f
SHA512

be2ac204e6fcff0a32bf5be9d55bc7819aa3a3404ae008cc96ef68d6def98ca5b5a9838a7b35c5f8656ab3b6d124317f74d973c0e575bb247c23405bcb9bc250
SSDEEP

12288:KE39yH3nJauq/o4p85vUEzS6iOR/jMohBnFObQ/5c:KEcDqSNzSc9TBnobK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc7cdedfdb13b5a51263c76c66e29d12

Files

cc7cdedfdb13b5a51263c76c66e29d12
.exe windows:4 windows x86 arch:x86

419cd9a498f8035c231efc65a5e2d7ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoW
SHLoadInProc
CommandLineToArgvW

kernel32

OpenFileMappingW
CreateToolhelp32Snapshot
lstrcpy
GetEnvironmentStringsW
ReadConsoleA
SetLastError
WideCharToMultiByte
lstrcpynA
TerminateProcess
DeleteCriticalSection
GetTickCount
WriteFile
GetProcessShutdownParameters
VirtualAlloc
DebugActiveProcess
GetCurrentProcessId
GetACP
ExitProcess
LCMapStringW
GetEnvironmentStrings
GlobalLock
FindFirstFileExA
GetCurrentThreadId
EnumSystemLocalesA
RtlUnwind
GetStdHandle
GetCurrencyFormatW
HeapReAlloc
GetFileType
TlsAlloc
GetStringTypeW
GetCurrentThread
TlsSetValue
GetCPInfo
HeapCreate
GetProfileSectionA
MultiByteToWideChar
LeaveCriticalSection
LocalFileTimeToFileTime
SetConsoleWindowInfo
SetHandleCount
QueryPerformanceCounter
HeapAlloc
LoadLibraryA
RtlMoveMemory
VirtualQuery
CreateSemaphoreA
GetCurrentProcess
TlsFree
FreeEnvironmentStringsW
HeapDestroy
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
lstrcatW
GetVersion
VirtualFree
InterlockedExchange
GetStartupInfoA
ReadConsoleOutputW
HeapFree
UnhandledExceptionFilter
GetProcAddress
lstrcmpW
EnterCriticalSection
GetModuleFileNameA
GetCommandLineA
GetStringTypeA
IsBadWritePtr
GetModuleHandleA
InitializeCriticalSection
TlsGetValue
GetLastError
LoadLibraryW
GetOEMCP
ReadFileEx
LCMapStringA

advapi32

CryptGenKey
LookupSecurityDescriptorPartsW
RegQueryValueA
CryptAcquireContextA

user32

GetClientRect
DefDlgProcA
CharPrevA
PostThreadMessageA
DefWindowProcA
ChangeClipboardChain
DrawFocusRect
LoadMenuIndirectW
ShowWindowAsync
SetPropA
CloseWindowStation
DdeDisconnectList
DlgDirListComboBoxW

gdi32

SetMetaFileBitsEx
Rectangle
ModifyWorldTransform
GetICMProfileA
DescribePixelFormat
SetICMProfileA
GetWinMetaFileBits
SetBoundsRect
GetOutlineTextMetricsA
CreatePenIndirect
GetObjectW
CloseFigure
GetObjectType
CreateMetaFileW
OffsetClipRgn
GetNearestColor
GetCharABCWidthsW
UnrealizeObject
SwapBuffers
DPtoLP
DeviceCapabilitiesExW
SetBkMode
SetBitmapBits
AnimatePalette

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

419cd9a498f8035c231efc65a5e2d7ae

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

user32

gdi32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 4KB - Virtual size: 15KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 4KB - Virtual size: 15KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 11KB - Virtual size: 11KB