cab8c9652bd4dc9d065b7b03ea0eeb27

Sharing

Copy URL Twitter E-mail

General

Target

cab8c9652bd4dc9d065b7b03ea0eeb27
Size

414KB
MD5

cab8c9652bd4dc9d065b7b03ea0eeb27
SHA1

5114ca23504a784a83c524691ac0b274deeec50c
SHA256

4ec3096cf17cf78bc087decfb70e5192a771ad9e108376131bf041bc96a3232c
SHA512

20788f6c5337cd02d940037de404e4e31835ae1d05e2aeaf90b450b1479de7274a0c9475c49a7332cdd14ad2e24fb439709161d4c8b8cc041179a3cd2221c621
SSDEEP

12288:VLgjFgjWLT7vvI0SwsFR4aSDJxKm+KgXF:N+S3R4nDJD+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cab8c9652bd4dc9d065b7b03ea0eeb27

Files

cab8c9652bd4dc9d065b7b03ea0eeb27
.exe windows:4 windows x86 arch:x86

10cc13263acac06cf79ad5908552ac47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetUserDefaultLCID
HeapCreate
SetConsoleCtrlHandler
GetProcAddress
HeapDestroy
HeapReAlloc
SetHandleCount
LCMapStringA
GetLocaleInfoA
GetCurrentProcessId
SetUnhandledExceptionFilter
SetConsoleScreenBufferSize
GetCPInfo
Sleep
UnhandledExceptionFilter
HeapSize
FillConsoleOutputCharacterW
TlsAlloc
VirtualFree
GetCurrentThread
TlsGetValue
CompareStringW
GetStdHandle
InterlockedDecrement
SetCriticalSectionSpinCount
GetFileType
WriteConsoleOutputW
GlobalHandle
ExitProcess
GetTickCount
GetTimeZoneInformation
SetLastError
HeapFree
FreeEnvironmentStringsA
GetModuleFileNameA
GetOEMCP
LoadLibraryA
QueryPerformanceCounter
EnumSystemLocalesA
VirtualAlloc
GetStartupInfoW
CompareStringA
TlsSetValue
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStrings
LCMapStringW
TlsFree
GetVersionExA
DeleteCriticalSection
GetSystemTimeAsFileTime
FreeLibrary
FlushFileBuffers
GetCurrentDirectoryW
GetACP
GetCommandLineW
GetSystemDefaultLangID
MultiByteToWideChar
InterlockedIncrement
WriteFile
SetThreadAffinityMask
GetDateFormatA
LeaveCriticalSection
GetAtomNameW
GetTimeFormatA
SetEnvironmentVariableA
GetEnvironmentStringsW
FindResourceW
InterlockedExchange
GetLocaleInfoW
WideCharToMultiByte
EnterCriticalSection
IsDebuggerPresent
GetProcessHeap
EnumSystemCodePagesA
InitializeCriticalSection
GetStringTypeW
HeapAlloc
IsValidLocale
GetNamedPipeHandleStateA
GetTempFileNameW
GetStringTypeA
VirtualQuery
GetModuleHandleA
IsValidCodePage
GetLastError
GetStartupInfoA

wininet

SetUrlCacheConfigInfoW
InternetShowSecurityInfoByURL
GetUrlCacheGroupAttributeW
InternetSetDialState
FtpRenameFileW
SetUrlCacheEntryInfoA
InternetSetOptionExW
InternetHangUp
GetUrlCacheEntryInfoW
InternetDialA
InternetGetConnectedStateExA
FtpDeleteFileW
FindFirstUrlCacheEntryExW
FindFirstUrlCacheContainerW
DeleteUrlCacheEntry
ShowX509EncodedCertificate
InternetTimeFromSystemTimeA

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10cc13263acac06cf79ad5908552ac47

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 129KB - Virtual size: 129KB

.data Size: 275KB - Virtual size: 306KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 129KB - Virtual size: 129KB

.data
Size: 275KB - Virtual size: 306KB

.rsrc
Size: 8KB - Virtual size: 8KB