ca0c2df396b2f5d256dfb902c74c3eaf

Sharing

Copy URL Twitter E-mail

General

Target

ca0c2df396b2f5d256dfb902c74c3eaf
Size

24KB
MD5

ca0c2df396b2f5d256dfb902c74c3eaf
SHA1

52bc00b0f83024aaf5ac153ef175c4732917e5f1
SHA256

62b164416cdadc3764393f4c8ec5b3d824270da0cea18fb13f36e758eca635c6
SHA512

fe19902235c5749ba970959b95cbc10af8c0b250aed320ebddfa681a7d7efad3f3ab60d37f3919d8719db7fa10fb04295926181ed59aeba601394883fe8525e5
SSDEEP

768:ea5hdpGQNlKYPJxsAqznY32vMLbAddH9:ea5Xp592zCBaF9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca0c2df396b2f5d256dfb902c74c3eaf

Files

ca0c2df396b2f5d256dfb902c74c3eaf
.exe windows:4 windows x86 arch:x86

acb44fba1c261f60a63323b51d6df7aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrByteCountPointerFree
NDRCContextBinding
NdrConformantStructBufferSize
NdrAsyncServerCall
NDRSContextMarshallEx
MesIncrementalHandleReset
NDRSContextMarshall
NdrAllocate
NDRcopy
NdrClientInitialize
DceErrorInqTextW
NdrByteCountPointerBufferSize
CStdStubBuffer_CountRefs
CreateStubFromTypeInfo
DllGetClassObject
NdrAsyncClientCall
DllRegisterServer
MesBufferHandleReset
NDRCContextMarshall
MesEncodeFixedBufferHandleCreate
MesDecodeIncrementalHandleCreate
MesHandleFree
MesInqProcEncodingId

gdi32

CreatePen
CreateDIBitmap
CreateSolidBrush
SelectPalette
CreateCompatibleDC
GetObjectA
DeleteDC
GetStockObject
GetTextMetricsA
CreateRectRgn
DeleteObject
SelectClipRgn
CreatePalette
RestoreDC
SetBkColor
GetDeviceCaps
GetTextFaceW
SetTextColor
GetSystemPaletteEntries
LineTo
MoveToEx
SaveDC
SelectObject
ExtTextOutA
BitBlt
RealizePalette

kernel32

SetEnvironmentVariableA
WaitForSingleObject
GetConsoleCursorInfo
SetStdHandle
GetComputerNameA
FileTimeToDosDateTime
GetFileAttributesA
SetConsoleCP
GetSystemTimeAsFileTime
FindFirstFileA
GetModuleFileNameA
ReadConsoleInputW
WriteConsoleOutputW
GetConsoleOutputCP
FileTimeToLocalFileTime
GetCurrentProcessId
SetConsoleCursorPosition
SetLastError
GetEnvironmentVariableA
SetConsoleTitleA
LeaveCriticalSection
LocalFileTimeToFileTime
GetVersionExA
SetCurrentDirectoryA
IsBadWritePtr
FindFirstChangeNotificationA
InterlockedDecrement
DefineDosDeviceA
GetStdHandle
InitializeCriticalSection
FindNextFileA
TerminateProcess
SetFileTime
PeekConsoleInputA
WriteConsoleInputW
MoveFileExA
SetConsoleMode
SetConsoleTextAttribute
AllocConsole
GetTickCount
lstrcmpiA
GetSystemTime
SetConsoleCtrlHandler
FlushConsoleInputBuffer
MoveFileA
GetCurrentDirectoryA
ReadConsoleW
GetLargestConsoleWindowSize
PeekConsoleInputW
ReadConsoleA
SetConsoleScreenBufferSize
CopyFileA
GetFileType
RemoveDirectoryA
LoadLibraryExA
FormatMessageA
SetEndOfFile
ReadConsoleOutputA
SetConsoleActiveScreenBuffer
SetConsoleOutputCP
IsBadCodePtr
DeleteFileA
GetFileInformationByHandle
CreateFileA
SetConsoleCursorInfo
GetCompressedFileSizeA
GetConsoleCP
GetNumberFormatA
UnmapViewOfFile
FindCloseChangeNotification
GetFullPathNameA
MapViewOfFile
ReadConsoleOutputW
BackupWrite
ReleaseMutex
VirtualAlloc
GetDiskFreeSpaceA
GetLocaleInfoA
ExpandEnvironmentStringsA
FreeConsole
GetFileSize
InterlockedIncrement
QueryDosDeviceA
GetShortPathNameA
LoadLibraryA
GetConsoleScreenBufferInfo
SearchPathA
GetConsoleMode
FlushFileBuffers
RaiseException
SetFilePointer
CompareStringA
CreateDirectoryA
GlobalMemoryStatus
SetConsoleWindowInfo
ReadFile
GetLastError
WriteFile
WaitForMultipleObjects
ReadConsoleInputA

user32

ReleaseDC
TranslateMessage
GetWindowRect
ShowWindow
EnableWindow
LoadStringW
MessageBoxA
GetClientRect
EndDialog
GetSystemMetrics
GetDC
GetDlgItem

msvcrt

_ftol
strtol
_itow
_snwprintf
fwrite
realloc
free
_wtoi
_onexit
_iob
wcslen
wcsncmp
wcscmp
__dllonexit
_local_unwind2
_initterm
swprintf
_strnicmp

ole32

CoDisableCallCancellation
CoCreateFreeThreadedMarshaler
CLSIDFromString
CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CoCreateInstanceEx
CoAddRefServerProcess
OleGetClipboard
CLSIDFromProgIDEx
CLIPFORMAT_UserFree
CoCancelCall
CoCreateObjectInContext
CLSIDFromProgID
CoAllowSetForegroundWindow
OleInitialize
CoBuildVersion
CoDeactivateObject
CoCreateGuid
CoCopyProxy
BindMoniker

ws2_32

WSAGetLastError

oleacc

IID_IAccessibleHandler
DllGetClassObject
GetStateTextW
LIBID_Accessibility
AccessibleObjectFromPoint
DllUnregisterServer
IID_IAccessible
LresultFromObject
DllCanUnloadNow
CreateStdAccessibleProxyA
CreateStdAccessibleProxyW
WindowFromAccessibleObject
GetStateTextA
GetOleaccVersionInfo
GetRoleTextA
AccessibleObjectFromWindow
AccessibleObjectFromEvent
AccessibleChildren
CreateStdAccessibleObject
GetRoleTextW
ObjectFromLresult

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

Sections

.text
Size: 1024B - Virtual size: 895B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

acb44fba1c261f60a63323b51d6df7aa

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

gdi32

kernel32

user32

msvcrt

ole32

ws2_32

oleacc

version

Sections

.text Size: 1024B - Virtual size: 895B

.rsrc Size: 13KB - Virtual size: 13KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 40KB

.text
Size: 1024B - Virtual size: 895B

.rsrc
Size: 13KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 40KB