cabd3766b2f3d922a446ba6d5825489c

Sharing

Copy URL Twitter E-mail

General

Target

cabd3766b2f3d922a446ba6d5825489c
Size

418KB
MD5

cabd3766b2f3d922a446ba6d5825489c
SHA1

df029f3ac229a44d114018763fdbd51461d56785
SHA256

55bab2f039ac2a53fabac688642cf9e1726667a538b7b4a3a267a5479eb79d28
SHA512

8b22c39e0866d1f7e5bd76e50379fec51910729204550263f86e6d7653047e20dc9fe0746b9c8aa7e44561aac57331324976b5407d27de3025454d9a01372eb8
SSDEEP

12288:jspTKMcC+aNYjOk+jsRb5EwzEZSayE0fy1y:jtOjsRl9Pq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cabd3766b2f3d922a446ba6d5825489c

Files

cabd3766b2f3d922a446ba6d5825489c
.exe windows:4 windows x86 arch:x86

e2854fb1c642505bc5a02cd54c7c2952

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

LoadAlterBitmap
GetSaveFileNameW
GetOpenFileNameA
FindTextW
ChooseFontA
GetFileTitleA
GetSaveFileNameA
PrintDlgA
ReplaceTextA
GetFileTitleW
ReplaceTextW
PrintDlgW
GetOpenFileNameW
FindTextA
ChooseColorW

shell32

SHAddToRecentDocs
SHGetFileInfoA
SHGetSpecialFolderPathA
SHGetSettings
DragQueryFileW
SHInvokePrinterCommandW
SHBrowseForFolder
SHBrowseForFolderA
CheckEscapesW
SHGetPathFromIDList
SHLoadInProc
SHGetSpecialFolderPathW
SHGetMalloc
ExtractIconA
InternalExtractIconListW

advapi32

RegLoadKeyW
RegDeleteKeyW
RegEnumKeyA
RegQueryValueA
CryptSetProviderW
RegRestoreKeyW
CryptSignHashW
GetUserNameW
LookupAccountNameW
RegCreateKeyExW
InitializeSecurityDescriptor
RegCreateKeyA
StartServiceA
GetUserNameA
LogonUserA
RegQueryValueW
RegQueryMultipleValuesW
RegReplaceKeyW
CryptAcquireContextW

user32

GetKeyboardLayoutList
wsprintfW
CountClipboardFormats
DdeGetLastError
VkKeyScanW
CharPrevExA
HideCaret
OpenClipboard
SetClassLongA
GetSystemMenu
GetUserObjectInformationA
DlgDirSelectComboBoxExW
GetProcessDefaultLayout
GetNextDlgGroupItem
SetRect
SetMenuInfo
CopyAcceleratorTableW

kernel32

CreateNamedPipeW
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetConsoleMode
LCMapStringA
LCMapStringW
GetEnvironmentStrings
GetLastError
GetCurrentThreadId
EnterCriticalSection
TlsFree
WideCharToMultiByte
ExitProcess
HeapCreate
HeapDestroy
IsValidCodePage
GetSystemInfo
ReadFileEx
VirtualFree
GetCommandLineA
GetTimeFormatA
GetCurrentThread
IsValidLocale
HeapValidate
DeleteCriticalSection
OpenSemaphoreW
CompareStringA
TlsAlloc
TlsSetValue
WriteFile
CompareStringW
SetLastError
SetHandleCount
InterlockedExchange
LeaveCriticalSection
HeapSize
TerminateProcess
GetModuleFileNameA
TlsGetValue
GetModuleHandleA
GetLocaleInfoW
GetStdHandle
HeapFree
GetVersionExW
SetVolumeLabelW
VirtualQuery
InitializeCriticalSection
GetOEMCP
GetStartupInfoA
GetLocaleInfoA
GetPriorityClass
IsBadWritePtr
GetFileType
VirtualProtect
EnumSystemLocalesA
UnhandledExceptionFilter
GetProcAddress
ReadConsoleW
FreeEnvironmentStringsW
RtlUnwind
GetStringTypeW
DebugBreak
GetDateFormatA
FindNextChangeNotification
LoadLibraryA
GetStringTypeA
GetTickCount
QueryPerformanceCounter
GetUserDefaultLCID
GetVersionExA
MultiByteToWideChar
HeapReAlloc
GetEnvironmentStringsW
GetCurrentProcess
SetEnvironmentVariableA
lstrcatA
GetTimeZoneInformation
GetPrivateProfileStructW
GetCurrentProcessId
HeapAlloc
FreeEnvironmentStringsA
VirtualAlloc

wininet

FtpCommandW
FtpRemoveDirectoryA
SetUrlCacheEntryGroupW
InternetErrorDlg
RetrieveUrlCacheEntryStreamA
GetUrlCacheConfigInfoW
HttpSendRequestExW
ShowSecurityInfo
InternetCombineUrlA
InternetConnectW
GetUrlCacheConfigInfoA
CreateUrlCacheEntryW
InternetSetOptionW
InternetFindNextFileA
CreateUrlCacheEntryA
FtpCommandA
InternetDial
GetUrlCacheGroupAttributeW
UrlZonesDetach
FindNextUrlCacheEntryW
FtpGetFileSize
IsHostInProxyBypassList
HttpCheckDavCompliance

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2854fb1c642505bc5a02cd54c7c2952

Headers

File Characteristics

Imports

comdlg32

shell32

advapi32

user32

kernel32

wininet

Sections

.text Size: 131KB - Virtual size: 131KB

.data Size: 272KB - Virtual size: 291KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 131KB - Virtual size: 131KB

.data
Size: 272KB - Virtual size: 291KB

.rsrc
Size: 13KB - Virtual size: 13KB