ca165c32d1830041f168447490c08dfb

Sharing

Copy URL Twitter E-mail

General

Target

ca165c32d1830041f168447490c08dfb
Size

829KB
MD5

ca165c32d1830041f168447490c08dfb
SHA1

17a3395e6a9086ece7475307e43c1ab3e1e41adc
SHA256

7de0c32ed54cc7b0cfef96df8ba42e7eb8de4c3d83a2b5f4481df921f182b262
SHA512

1a280ef6301b7737f3117c2433b7aaacdbb5a5ed8612a7720188ea3177eb98d57b227e06d15478507d5c5a4027b876f75c8713c01d7592a78fdad1ef5a6a7dc5
SSDEEP

6144:/srecYraMcr8xttRCDZftXWwqf6VanOr+TpYPfytO7BdJ8tpORqf3fCohhsR:/sMcgl0xtXI0EO6TmKLtpV3dhi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca165c32d1830041f168447490c08dfb

Files

ca165c32d1830041f168447490c08dfb
.exe windows:4 windows x86 arch:x86

5b3412e68be61a0703f29430d846a386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoResumeClassObjects
StgSetTimes
CoGetInterfaceAndReleaseStream
CreateStreamOnHGlobal

kernel32

SetEvent
CreateDirectoryExA
IsBadStringPtrA
GetProcessHeap
SearchPathW
CreateNamedPipeW
GetTickCount
SetMailslotInfo
GetDiskFreeSpaceW
SetFileAttributesA
SetupComm
_llseek
GetTapeStatus
GetFileType
InitializeCriticalSection
DeleteFiber
GetCommandLineW
TryEnterCriticalSection
GetStringTypeExW
GetProfileStringA
CloseHandle
OutputDebugStringA
CopyFileExW
DuplicateHandle
GlobalFindAtomA
IsDBCSLeadByteEx
EnumCalendarInfoW
GetBinaryTypeA
PurgeComm
CreateMutexW
LoadLibraryExA
WritePrivateProfileStringA
ExitThread
IsProcessorFeaturePresent
WriteConsoleOutputCharacterA
FreeLibrary
MoveFileExA
VirtualQuery
SuspendThread
SetEndOfFile
GetDiskFreeSpaceExA
GetTimeZoneInformation
GlobalGetAtomNameW
GetNumberFormatW
UnhandledExceptionFilter
EndUpdateResourceA
_lread
GetCurrentDirectoryW
GlobalAddAtomA
CancelIo
GetCompressedFileSizeW
GlobalUnlock
GetVersion
QueryDosDeviceW
GetOEMCP
ExitProcess
GetCPInfo
OpenFile

user32

SubtractRect
SetCapture
OpenIcon
GetTitleBarInfo
SetMenuItemInfoW
AdjustWindowRectEx
SetWinEventHook
RemoveMenu
InflateRect
GetCaretBlinkTime
GetCursor
GetWindowInfo
WaitMessage
SetClipboardData
RedrawWindow
GetIconInfo
SetMessageQueue
IsCharUpperA
ShowWindowAsync

advapi32

ChangeServiceConfigW
RegEnumValueA
QueryServiceLockStatusW
CryptVerifySignatureW
GetSidIdentifierAuthority

gdi32

GdiFlush
CreateBitmapIndirect
SetLayout
SetPaletteEntries
CreateRectRgnIndirect
SetDIBits
GetObjectW
RectInRegion
GetDIBColorTable
CreateDIBPatternBrushPt

msvcrt

swscanf
towlower
_iob
_fcvt
_wputenv
_waccess
isalpha
_strnicmp
_mbsnbcnt
_getmbcp
_kbhit
rand
_popen
__p__environ
_mbctoupper

Sections

.text
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b3412e68be61a0703f29430d846a386

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

gdi32

msvcrt

Sections

.text Size: 359KB - Virtual size: 358KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 404KB - Virtual size: 404KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 359KB - Virtual size: 358KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 404KB - Virtual size: 404KB

.rsrc
Size: 60KB - Virtual size: 60KB