ca9b1468a20dbcccc0ab9d324a2f30dc

Sharing

Copy URL Twitter E-mail

General

Target

ca9b1468a20dbcccc0ab9d324a2f30dc
Size

808KB
MD5

ca9b1468a20dbcccc0ab9d324a2f30dc
SHA1

b4df05b42038d027609e5daedd16428ba3b4f2b6
SHA256

c1b1ae8be1e29f06d48343cddfeca8598ca77e904499ca29940207874246b34d
SHA512

f93972b9a556ad7ad23391b78796d29fdc8d85df131bdcdd6ef6d9a2b3346aff3eff4839efd7adf82a2d61b96406d23b558251e0a71671ff92a5e62e53884101
SSDEEP

12288:gwYJ4IBCB0hI2LH7bcYM5qe7vZpPDIjl0/5XZAcFdKuRrK1pCEvmgxP:gL+IQ6H7g95qeD7IJ0pZAcFvrYfma

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca9b1468a20dbcccc0ab9d324a2f30dc

Files

ca9b1468a20dbcccc0ab9d324a2f30dc
.exe windows:5 windows x86 arch:x86

2c2ad40a644e42c207dae07b81bbd715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
CloseHandle
VirtualProtect
UnhandledExceptionFilter
GetCurrentProcess
DisableThreadLibraryCalls
lstrcmpiW
InterlockedDecrement
LocalAlloc
GetCurrentProcessId
LoadLibraryA
GetLastError
FreeLibrary
InitializeCriticalSection
SetLastError
GetModuleHandleW
UnhandledExceptionFilter
HeapAlloc
GetCurrentProcess
CloseHandle
GetProcessHeap
GetVersionExA
GetCurrentProcess
GetSystemTimeAsFileTime
GetProcAddress
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
LocalAlloc
InterlockedExchange
GetModuleHandleW
GetLastError
Sleep
LoadLibraryA
SetLastError
VirtualProtect
GetVersionExA
CreateEventW
GetModuleFileNameW
VirtualProtect
GetTickCount
CreateEventW
InterlockedDecrement
DeleteCriticalSection
InterlockedCompareExchange
GetLastError
LocalAlloc
LocalFree
QueryPerformanceCounter
GetCurrentThreadId
InterlockedIncrement
GetLastError
FreeLibrary
HeapDestroy
GetLastError
HeapFree
Sleep
LoadLibraryA
GetTickCount
GetLastError
MultiByteToWideChar
Sleep
UnhandledExceptionFilter
InterlockedCompareExchange
GetModuleFileNameA
DeleteCriticalSection
lstrcmpiW
GetTickCount
GetCurrentProcess
DeleteCriticalSection
lstrcmpiW
LoadLibraryA
GetModuleFileNameW
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
LoadLibraryW
CreateFileW
CloseHandle
ReadFile
LeaveCriticalSection
LocalFree
GetCurrentProcess
FreeLibrary
GetCurrentProcess
GetProcAddress
GetModuleFileNameA
SetLastError
GetModuleFileNameW
GetModuleFileNameW
GetProcAddress
VirtualProtect
LeaveCriticalSection
CreateFileW
CloseHandle
GetCurrentProcess
DeleteCriticalSection
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleA
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection

user32

GetFocus
SetCursor
BeginPaint
CharNextW
EndDialog
wsprintfA
EndPaint
EnableWindow
SendMessageW
KillTimer
GetFocus
wsprintfA
DestroyWindow
SendDlgItemMessageW
DialogBoxParamW
DestroyWindow
SetCursor
SendDlgItemMessageW
SetTimer
GetDesktopWindow
GetWindowRect
SetTimer
ReleaseDC
IsWindow
InvalidateRect
LoadStringW
DialogBoxParamW
BeginPaint
GetWindowRect
DialogBoxParamW
LoadCursorW
SetCursor
SetTimer
IsDlgButtonChecked
SetForegroundWindow
BeginPaint
LoadIconW
DefWindowProcW
GetDC
LoadIconW
BeginPaint
CharNextW
SetWindowLongW
EndDialog
BeginPaint
GetDC
LoadStringW
GetFocus
LoadStringW
PeekMessageW
EndDialog
DialogBoxParamW
SetWindowTextW
InvalidateRect
SetWindowLongW
SendMessageW
IsWindow
LoadIconW
SetCursor
DestroyWindow
EnableWindow
CharNextW
ShowWindow
MessageBoxW
InvalidateRect
EndPaint
GetFocus
IsWindow
SendDlgItemMessageW
DispatchMessageW
InvalidateRect
GetDlgItem
PeekMessageW
MessageBoxW
GetClientRect
GetFocus
SetWindowLongW
IsDlgButtonChecked
PostMessageW
SetFocus
CharNextW
IsDlgButtonChecked
EnableWindow
SetWindowTextW
SendDlgItemMessageW
ShowWindow
SetWindowPos
ReleaseDC
SetDlgItemTextW
GetSysColor
InvalidateRect
LoadCursorW
IsWindow
SetTimer
EndPaint
GetWindowLongW
KillTimer
GetParent
wsprintfA
GetWindowRect
MessageBoxW
GetParent
MessageBoxW
IsWindow
EndDialog
IsWindow
GetSystemMetrics
EndPaint
PostMessageW

Sections

.text
Size: 719KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c2ad40a644e42c207dae07b81bbd715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 719KB - Virtual size: 968KB

.data Size: - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 719KB - Virtual size: 968KB

.data
Size: - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 82KB - Virtual size: 84KB