cb2587bfbef18186d85dadac5134b2b3

Sharing

Copy URL Twitter E-mail

General

Target

cb2587bfbef18186d85dadac5134b2b3
Size

7.3MB
MD5

cb2587bfbef18186d85dadac5134b2b3
SHA1

67c0eebd9a7cfd3a9922e8ec8bb101ef71367958
SHA256

4b551c593ee6ed92b5630ecb88214fd4fef8b820e90c997af56439d6d79222f3
SHA512

04e24141d088d777bdd6b50905d00eb389e60dda5be2d1a5a87b59399ecaaaa6764d5ffdaaf18ce94ce4398143deb95d984fa7f38af18e7ef9b5abeaf67e113d
SSDEEP

196608:AyrxaOl25b3ZDxLwPyo1hxjQtDEuKlverOGJAA:R1aOE5b3ZRYyGctIbwOY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb2587bfbef18186d85dadac5134b2b3

Files

cb2587bfbef18186d85dadac5134b2b3
.exe windows:4 windows x86 arch:x86

995387b4581fe41b6f4866c97fa7599b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
SetErrorMode
FreeLibrary
GetProcAddress
RemoveDirectoryA
DeleteFileA
GetDriveTypeA
FindNextFileA
GetFileAttributesA
CreateDirectoryA
MoveFileA
GetSystemInfo
GetVersion
OpenProcess
GetLastError
GetWindowsDirectoryA
SetUnhandledExceptionFilter
TerminateThread
WaitForSingleObject
CreateThread
SetCurrentDirectoryA
GetCurrentDirectoryA
SetFilePointer
GetCurrentProcess
GetCurrentProcessId
GetThreadContext
VirtualQuery
IsBadWritePtr
GlobalMemoryStatus
CreateToolhelp32Snapshot
Process32First
FindFirstFileA
GetModuleFileNameA
GetVersionExA
FindClose
GetDiskFreeSpaceA
Process32Next
GetTempPathA
InterlockedIncrement
GetTickCount
InterlockedDecrement
CloseHandle
CreateFileA
WriteFile
LoadResource
FreeResource
FindResourceA
LocalAlloc
SizeofResource
LockResource
LocalFree
LocalLock
LocalUnlock
GetOEMCP
HeapAlloc
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
FileTimeToSystemTime
HeapFree
GetCurrentThreadId
HeapReAlloc
SetStdHandle
VirtualAlloc
FlushFileBuffers
GetStringTypeA
LCMapStringW
GetStringTypeW
MultiByteToWideChar
LCMapStringA
ReadFile
RaiseException
RtlUnwind
VirtualFree
InitializeCriticalSection
HeapDestroy
GetEnvironmentVariableA
HeapCreate
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
SetEnvironmentVariableW
GetFullPathNameA
FileTimeToLocalFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
EnterCriticalSection
LeaveCriticalSection
SetFileAttributesA
GetCPInfo
GetACP
UnhandledExceptionFilter
CompareStringA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
HeapSize
GetEnvironmentStringsW
GetFileType
WideCharToMultiByte
GetEnvironmentStrings
GetStdHandle
SetHandleCount
DeleteCriticalSection

user32

TranslateMessage
DispatchMessageA
CharUpperA
DefWindowProcA
GetMessageA
PostThreadMessageA
DestroyWindow
CreateWindowExA
RegisterClassA
PeekMessageA
PostQuitMessage
IsDialogMessageA
SetWindowTextA
MessageBoxA
LoadStringA
FindWindowA
GetSysColor
IsWindow
CreateDialogIndirectParamA
GetParent
SetWindowPos
GetWindowRect
UpdateWindow
SystemParametersInfoA
EndDialog
GetDC
InvalidateRect
SendDlgItemMessageA
CharNextA
CharPrevA
SendMessageA
GetSystemMetrics
LoadIconA
CharLowerA
ReleaseDC

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey
AllocateAndInitializeSid
EqualSid
OpenProcessToken
RegQueryValueExA
RegOpenKeyA
GetTokenInformation
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA

gdi32

CreateSolidBrush
SetBkColor
SetTextColor
DeleteObject
GetDeviceCaps

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.3MB - Virtual size: 12.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

995387b4581fe41b6f4866c97fa7599b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

comctl32

version

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 12.3MB - Virtual size: 12.3MB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 12.3MB - Virtual size: 12.3MB