ca86ec37ff9bae4898bf46129d7c7f5a

Sharing

Copy URL

Twitter E-mail

General

Target

ca86ec37ff9bae4898bf46129d7c7f5a
Size

72KB
MD5

ca86ec37ff9bae4898bf46129d7c7f5a
SHA1

00312d8f0278d010c3a0ccb08f7207910265a37e
SHA256

3125ccf827b2b89032e1a4cd694a7cf5acdf7b192b2838336546ef0a1cd62640
SHA512

aa493e2a25907c7862aef74c7ca0448bbcd582e31d0aa119f4f8748f32b94ec38d944a7a5887f347cac10c72094c4968792ed9a6bde64c17a09f9d5ac5f692dd
SSDEEP

1536:M2aWRTqh5wxfE50e75yNq/Io3r+NnB0keYfBxTtZztBFHYDf:Mxh56f58B3kFbZztjYDf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca86ec37ff9bae4898bf46129d7c7f5a

Files

ca86ec37ff9bae4898bf46129d7c7f5a
.exe windows:4 windows x86 arch:x86

c8a2f8db5aabb520fb2e2a41bb8ac3e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrA
wnsprintfA
wvnsprintfA
StrToIntA
StrRChrA
StrCmpNA
StrChrA
StrStrIA
StrNCatA

ws2_32

closesocket
send
select
__WSAFDIsSet
recv
connect
inet_addr
htons
socket
htonl

kernel32

GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
IsBadCodePtr
lstrcmpA
lstrcpynA
lstrlenA
ExitThread
Sleep
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetLastError
CreateThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapFree
lstrcpyA
lstrcatA
FormatMessageA
CloseHandle
CreateFileA
CreateProcessA
GetSystemDirectoryA
WideCharToMultiByte
LCMapStringA
GlobalLock
GlobalAlloc
WriteFile
WaitForSingleObject
CreateEventA
ReadFile
lstrcmpiA
GetCurrentProcess
TerminateProcess
OpenProcess
Module32First
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitProcess
GetModuleFileNameA
GetVersionExA
DeleteFileA
CopyFileA
SetErrorMode
SetUnhandledExceptionFilter
CreateMutexA
TerminateThread
SetFilePointer
GetSystemInfo
GetShortPathNameA
MoveFileExA
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
LCMapStringW
HeapSize
GetLocaleInfoA
VirtualProtect
GlobalUnlock
GetWindowsDirectoryA
HeapCreate
HeapDestroy
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind

user32

VkKeyScanA
SendMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ShowWindow
keybd_event
BlockInput
SetForegroundWindow
SetFocus
wsprintfA

advapi32

RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c8a2f8db5aabb520fb2e2a41bb8ac3e9

Headers

File Characteristics

Imports

shlwapi

ws2_32

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 258KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 258KB