ca700bb88cde2dda537655859f2f2a83

Sharing

Copy URL Twitter E-mail

General

Target

ca700bb88cde2dda537655859f2f2a83
Size

56KB
MD5

ca700bb88cde2dda537655859f2f2a83
SHA1

7994c3ccad28b262b0e77ca3408aae7f997bf043
SHA256

73dd493c2d19e7b56ea7599922f42030d719e348bcbc7bff8bc13a10975bec04
SHA512

8a5af6982d8986be65a77bdcdbada74ab04445b13658528b20e3d35a5fc5e5641ef29c85e7789d52a2caab07838cf9e64b8213918ce6ac4467cd2c60a87b5d26
SSDEEP

768:82cnjAccOu0pT1EZEvJRzCkPzZb0z2vOVl1tExRugrwW5WfJ4FEXQfAKxPEJzt9H:820jG0pDXCktbo2vWmxRuHfJqFYKps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca700bb88cde2dda537655859f2f2a83

Files

ca700bb88cde2dda537655859f2f2a83
.exe windows:5 windows x86 arch:x86

ac5860bf7542f8bf72116958cb468bd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexW
GetSystemTimeAsFileTime
GetFileTime
lstrcpynW
SetLastError
GetModuleFileNameW
GetLogicalDrives
GetExitCodeProcess
ResetEvent
ReleaseMutex
SetEndOfFile
GetFileSize
GetVersionExW
CopyFileW
lstrcmpiA
GetProcessHeap
CreateFileW
GlobalLock
SetFileTime
lstrcpyW
lstrlenA
lstrcatW
CreateFileMappingW
GetTempFileNameW
FindResourceW
GetModuleHandleA
HeapAlloc
GlobalUnlock
WriteFile
GetTempPathW
FindFirstFileW
CreateDirectoryW
InitializeCriticalSection
GetComputerNameW
lstrcatA
GetProcessTimes
FindClose
SetFilePointer
SystemTimeToFileTime
WideCharToMultiByte
OpenProcess
HeapReAlloc
CreateProcessW
MoveFileExW
GetLocalTime
Sleep
WriteProcessMemory
LeaveCriticalSection
WaitForSingleObject
GetCurrentThreadId
GetCurrentProcessId
FindNextFileW
ReadFile
CreateThread
GetThreadPriority
EnterCriticalSection
HeapFree
GetFileSizeEx
GetSystemTime
MapViewOfFile
CloseHandle
MultiByteToWideChar
GetTickCount
GetTimeZoneInformation
GetLastError
DeleteFileW
FlushFileBuffers
IsBadReadPtr
CreateEventW
CreateMutexW
GetModuleFileNameA
UnmapViewOfFile
lstrcpyA
GetCommandLineA
SetEvent
SetThreadPriority
GetDriveTypeW
lstrlenW
GetUserDefaultUILanguage
DisconnectNamedPipe
SetFileAttributesW
lstrcmpiW
ExpandEnvironmentStringsW

user32

DrawIcon
GetCursorPos
GetForegroundWindow
LoadCursorW
SetProcessWindowStation
OpenDesktopA
GetKeyState

Sections

.szwb
Size: 19KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qjkx
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tcpih
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wtcdsh
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac5860bf7542f8bf72116958cb468bd4

Headers

File Characteristics

Imports

kernel32

user32

Sections

.szwb Size: 19KB - Virtual size: 39KB

.qjkx Size: 6KB - Virtual size: 10KB

.tcpih Size: 1KB - Virtual size: 1KB

.wtcdsh Size: 27KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.szwb
Size: 19KB - Virtual size: 39KB

.qjkx
Size: 6KB - Virtual size: 10KB

.tcpih
Size: 1KB - Virtual size: 1KB

.wtcdsh
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB