ca30a9c9fdec0f4bfe7591cf3315dfe2

Sharing

Copy URL Twitter E-mail

General

Target

ca30a9c9fdec0f4bfe7591cf3315dfe2
Size

144KB
MD5

ca30a9c9fdec0f4bfe7591cf3315dfe2
SHA1

133871194b62472f6813a1dc7491e53a3e2d04d4
SHA256

9cdb38166dbd43328142f06651be451e8a5258f2c7a88754dcc7ba2c8a155d5f
SHA512

1633c751779f003851d9901a0215762012199c8852b743cfa8bdeddb8ed31183e8ed9e227217857c30874bc3fa084376adecf949093dab6b3aee9041e36b98f0
SSDEEP

3072:coAtuxNeV8atxi4ImUi1Tk2BUcqDgwmCz9T8vD3TurVV:coAoeV8jw62BUWDlw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca30a9c9fdec0f4bfe7591cf3315dfe2

Files

ca30a9c9fdec0f4bfe7591cf3315dfe2
.exe windows:4 windows x86 arch:x86

cdb48d583892604d0aa3d4e8b8268d5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
LoadIconA
DefWindowProcA
PostQuitMessage
DestroyMenu
PostMessageA
TrackPopupMenu
SetForegroundWindow
GetCursorPos
CreatePopupMenu
MessageBoxA
DialogBoxIndirectParamA
CreateWindowExA
SetDlgItemTextA
SetFocus
SendMessageA
EnableWindow
SetWindowTextA
GetDlgItem
CheckDlgButton
GetDlgItemTextA
IsDlgButtonChecked
SetMenuItemInfoA
AppendMenuW
ShowWindow
LoadImageA
GetMessageA
DispatchMessageA
TranslateMessage
DestroyWindow

shell32

SHGetPathFromIDListA
CommandLineToArgvW
SHBrowseForFolderA
ShellExecuteA
Shell_NotifyIconA

comdlg32

GetOpenFileNameA

ws2_32

setsockopt
gethostname
ntohl
htonl
WSAGetLastError
send
recv
htons
ntohs
WSAStartup
closesocket
inet_ntoa
ioctlsocket
connect
socket
getsockname
listen
bind
getsockopt
accept
sendto
recvfrom
getpeername
__WSAFDIsSet
select
shutdown
gethostbyname

advapi32

CreateServiceW
ChangeServiceConfig2A
OpenServiceW
DeleteService
CloseServiceHandle
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
OpenSCManagerA

msvcrt

_acmdln
_XcptFilter
__getmainargs
__p___argv
__p___argc
wcsncat
strncat
_fullpath
strcpy
signal
freopen
printf
exit
remove
rename
_rmdir
wcschr
fputs
_beginthread
fwrite
fread
_wfopen
_initterm
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_strdup
_adjust_fdiv
memmove
calloc
free
memcmp
memcpy
fclose
_pctype
_isctype
__mb_cur_max
strchr
fgets
fopen
strstr
strncmp
realloc
srand
rand
abort
memset
malloc
_chdir
time
fprintf
_iob
strlen
tolower
strncpy
fflush
fputc
vfprintf
wcscat
_ftol
strcmp
_vsnprintf
memchr
sscanf
strerror
_errno
atoi
_atoi64
fseek
_snprintf
strftime
gmtime
strtoul
strrchr
localtime
wcslen
toupper
getenv
fgetc
_wstati64

kernel32

ReadFile
GetLastError
WriteFile
GetCurrentProcess
GetStdHandle
CreatePipe
DuplicateHandle
CreateProcessW
CloseHandle
MultiByteToWideChar
GetLocalTime
SystemTimeToFileTime
WideCharToMultiByte
FindNextFileW
FindClose
SetLastError
GetFileAttributesW
FindFirstFileW
GetStartupInfoA
FormatMessageA
GetModuleFileNameW
GetCurrentDirectoryW
TerminateThread
GetCommandLineW
LocalFree
GetModuleHandleA
GetFullPathNameW
Sleep
SetHandleInformation

Exports

Exports

rmdir

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdb48d583892604d0aa3d4e8b8268d5b

Headers

File Characteristics

Imports

user32

shell32

comdlg32

ws2_32

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 17KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 17KB

.rsrc
Size: 20KB - Virtual size: 19KB