cb10175aebbef1ed5b71f90649073d72

General

Target

cb10175aebbef1ed5b71f90649073d72
Size

42KB
MD5

cb10175aebbef1ed5b71f90649073d72
SHA1

acc536be149c2ff948290f1b95de35740da9a536
SHA256

2048801002c19ffe09ac9c0758cd37ff0cec67fa16577954ca08ade6387067db
SHA512

b5f4c303424076850f7c5fc7ecd39fdc9027c8b44e4e60ddeda5dedb1b9052273428d9153175060c801cdf3028ee83d76d71ef44d82349e7b5c16ceb763c922c
SSDEEP

768:BQCn5H4xDP9rE9Q0fMkhMj1RsLVGOuw9RcgyfIprfPiryD73606MGjYfXwmyJDR:yCn5HyDP949QUMgMhRINuw9Rcgyfw6xx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb10175aebbef1ed5b71f90649073d72

Files

cb10175aebbef1ed5b71f90649073d72
.dll windows:4 windows x86 arch:x86

7bf1bad70a4de4b0a72f79297f95b07d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
ExitThread
IsBadReadPtr
WideCharToMultiByte
lstrlenW
GlobalFree
MultiByteToWideChar
GlobalAlloc
WriteFile
_lwrite
_lcreat
GetVersionExA
_lclose
_lread
_lopen
LocalAlloc
DeleteFileA
GlobalAddAtomA
HeapFree
CopyFileA
GetFileSize
GlobalSize
GetPrivateProfileStringA
GetLastError
lstrcmpiA
GetPrivateProfileStructA
GetSystemDirectoryA
GetModuleFileNameA
ExpandEnvironmentStringsA
GetTempPathA
lstrlenA
HeapAlloc
GetProcessHeap
lstrcpyA
lstrcpynA
ReadFile
CreateThread
lstrcmpA
FreeLibrary
MoveFileA
HeapReAlloc
lstrcatA
VirtualFree
VirtualProtect
VirtualAlloc
IsBadWritePtr
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetSystemTime
CreateFileA
GetFileTime
FileTimeToSystemTime
GlobalReAlloc
CloseHandle

user32

GetWindowTextA
FindWindowExA
wsprintfA
GetActiveWindow

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msvcrt

_local_unwind2
_except_handler3
strstr
getc
putc
printf
memset
memcpy
strtoul
??2@YAPAXI@Z
fscanf
fclose
fprintf
fopen
strtod

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bf1bad70a4de4b0a72f79297f95b07d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 57KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 57KB

.reloc
Size: 3KB - Virtual size: 3KB