cb011362a5a1258cc40a5e687eaf1417

Sharing

Copy URL Twitter E-mail

General

Target

cb011362a5a1258cc40a5e687eaf1417
Size

187KB
MD5

cb011362a5a1258cc40a5e687eaf1417
SHA1

1d81e9859179686d1697f5772c51a9c81ecb46f1
SHA256

77ead84e36588976db69447b9089ca6d5e1299ebba43e664c23c0114b1ed8b8f
SHA512

b37c1ceecad2fd85f2115a039953edb93cdf3f565e668cf3fa92fcee287ac5f4cd6d1f9e9ee93ae4640e36317edfa90d41ff5a29435412e0faf04959d3bcc575
SSDEEP

3072:cpjiz1RQ2CN/gbvdBmHitGSXeR4HwHN26OV7VjKci9JQFLlxZ5riGETCNraUA0gO:cpSENiVBmHXSXe6HUE627VjKciJKBx1r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb011362a5a1258cc40a5e687eaf1417

Files

cb011362a5a1258cc40a5e687eaf1417
.exe windows:4 windows x86 arch:x86

4504cb186c4a1aeaf275e5c1b0105105

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shlwapi

PathAddBackslashA

kernel32

IsBadCodePtr
ResetEvent
CompareStringA
SetHandleCount
FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentProcess
InitializeCriticalSection
GetThreadIOPendingFlag
GetOEMCP
WritePrivateProfileStringA
CreateSemaphoreA
HeapAlloc
GetACP
FlushFileBuffers
IsBadReadPtr
RtlUnwind
SetUnhandledExceptionFilter
GlobalAlloc
GetStringTypeW
UnmapViewOfFile
GetTimeZoneInformation
GetThreadPriority
WriteFile
GetFullPathNameW
GetStartupInfoA
GetSystemTime
GetFullPathNameA
TlsFree
WideCharToMultiByte
GetLastError
TerminateProcess
Sleep
InterlockedIncrement
LCMapStringW
TransmitCommChar
GetStdHandle
GetPriorityClass
GetTickCount
LeaveCriticalSection
MultiByteToWideChar
SetEndOfFile
IsDBCSLeadByte
GetTempPathW
HeapSize
InterlockedExchange
GetPrivateProfileStringA
IsBadWritePtr
CreateFileMappingA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsGetValue
CreateThread
SetLastError
CreateFileW
CloseHandle
EnumResourceNamesW
GetUserDefaultLCID
ExitThread
SetPriorityClass
GetStringTypeA
GetEnvironmentVariableA
lstrcpyA
HeapReAlloc
OutputDebugStringA
ExitProcess
RaiseException
lstrcmpA
LoadLibraryA
GetModuleHandleA
EnterCriticalSection
HeapFree
GetProcAddress
GetCPInfo
FileTimeToLocalFileTime
GlobalFree
ExitProcess
DeleteCriticalSection
GlobalUnlock
TlsAlloc
GetCurrentThreadId
GetFileType
ReleaseSemaphore
CompareStringW
HeapCreate
FreeLibrary
lstrcmpW
LCMapStringA
GetDiskFreeSpaceExA
HeapDestroy
FileTimeToSystemTime
GetCommandLineA
GetEnvironmentStrings
UnhandledExceptionFilter
GetModuleFileNameA
LoadLibraryW
SetEvent
MapViewOfFile
CreateMutexA
SetStdHandle
GetTempPathA
GetTempFileNameA
TlsSetValue
WaitForSingleObject
SetEnvironmentVariableA

user32

wsprintfW
wsprintfA
GetKeyState
CharNextA
MessageBoxA
CharUpperA
CharLowerA

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4504cb186c4a1aeaf275e5c1b0105105

Headers

File Characteristics

Imports

msimg32

advapi32

shlwapi

kernel32

user32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 84KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 84KB