ca2bfc3580438ec035f9435eb5fc4f63

Sharing

Copy URL Twitter E-mail

General

Target

ca2bfc3580438ec035f9435eb5fc4f63
Size

401KB
MD5

ca2bfc3580438ec035f9435eb5fc4f63
SHA1

ed7c5f44858d513a3c1e5a249748a308d087acf1
SHA256

c2a7101ce6bcc7b20b4a69c08091e4f1cf5c30fefe73290d057548faa0796dec
SHA512

250f7e01f875792475fb351e170dd8ececbc79abcf4fa6b8e15f2f1733066ba177972f2afb43ed662e287d9f0321c884af82f2d80c15dd2c9cc16a92ccb987e4
SSDEEP

12288:K9svaTOaaAaBsb4z2888888888888W88888888888B:KIaKaa5BxC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca2bfc3580438ec035f9435eb5fc4f63

Files

ca2bfc3580438ec035f9435eb5fc4f63
.exe windows:5 windows x86 arch:x86

e8f173dfda86b3d6862bcffdc43b7d27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

b:\dll.pdb

Imports

kernel32

SwitchToThread
GetCPInfo
lstrcpyW
DebugBreak
GetDateFormatW
GetExitCodeProcess
GetCurrentProcess
GlobalFindAtomW
CommConfigDialogW
GetLastError
MultiByteToWideChar
BuildCommDCBA
IsProcessorFeaturePresent
AddAtomA
CompareFileTime
GetProcAddress
GetModuleHandleA
CloseHandle
ReadFile
CreateFileW
IsDBCSLeadByte
UnlockFile
WriteFile
LockFile
SetFilePointer
CreateFileA
GetCompressedFileSizeA
ExitProcess
GlobalHandle
GetTimeFormatA
GetSystemTime
LoadLibraryW
GetVolumePathNameA
GetDiskFreeSpaceW
GetVersion
lstrcmpiW
GetShortPathNameA
GetVolumePathNameW
CopyFileA
GetDiskFreeSpaceExA
SetComputerNameA
CreateDirectoryW
CreateActCtxA
AddAtomW
LoadLibraryA
CompareStringW
IsDBCSLeadByteEx
GlobalMemoryStatusEx
DeleteFileW
CancelIo
GetVolumeInformationA
GetVersionExA
GetConsoleTitleA
SetThreadIdealProcessor
GetCurrentThread
FoldStringW
VirtualProtect
GetCurrencyFormatW
GetBinaryTypeW

user32

TrackPopupMenuEx
DrawTextW
DragDetect
FlashWindowEx
EnumDisplaySettingsExW
ChangeClipboardChain
ChildWindowFromPointEx
LoadMenuW
GetCursorPos
GetClassInfoA
FindWindowW
GetWindowLongW
GetTopWindow
IsWindowEnabled
GetShellWindow
GetMenuItemCount
GetMenu
GetClipboardSequenceNumber
IsChild
GetActiveWindow
GetWindow
GetFocus
RegisterClassA
LoadCursorW
LoadIconW
LoadMenuA
RegisterClassW
GetCaretBlinkTime
GetLastInputInfo
GetMenuCheckMarkDimensions
GetWindowRect
GetClassLongW
GetClipboardViewer
GetSubMenu
CreateMenu
CopyRect
CharNextA
GetWindowTextLengthA
IntersectRect
GetClipboardOwner
GetKeyNameTextA
GetWindowTextW
GetForegroundWindow
LockSetForegroundWindow
TrackMouseEvent

gdi32

GetStockObject

usp10

ScriptLayout
ScriptFreeCache
ScriptPlace

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8f173dfda86b3d6862bcffdc43b7d27

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

usp10

Sections

.text Size: 44KB - Virtual size: 44KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 3KB - Virtual size: 45KB

data Size: 38KB - Virtual size: 37KB

.code Size: 60KB - Virtual size: 60KB

.didata Size: 84KB - Virtual size: 83KB

.rsrc Size: 158KB - Virtual size: 158KB

.text
Size: 44KB - Virtual size: 44KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 45KB

data
Size: 38KB - Virtual size: 37KB

.code
Size: 60KB - Virtual size: 60KB

.didata
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 158KB - Virtual size: 158KB