cb1107e21b5254455fb438286d5a49ba

General

Target

cb1107e21b5254455fb438286d5a49ba
Size

314KB
MD5

cb1107e21b5254455fb438286d5a49ba
SHA1

ca19c38bc364e11684c0fdd004df642ba8b7f4cc
SHA256

768e54867e3448e6f5dfc68c03394a6dba919b5a61353f45acdab0df7b7a5ad7
SHA512

47a2fb2986d13282f0afaaefab231d770b9cf59b65a85f6b0f82c7e91061e8336238d39dcda5f7da9681cc232c35fee8d008b71975d4897b2cf52add9bbc47b3
SSDEEP

6144:De4bjP3hjx85/6ydHwIPZiS8LqEI6CsJAtqPcT3LM8FAlK3tZmd7ApU/udZgR:SGP39U6y5wbydUJAt8cT3/nmd7H/OgR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb1107e21b5254455fb438286d5a49ba

Files

cb1107e21b5254455fb438286d5a49ba
.exe windows:4 windows x86 arch:x86

332e9847d8da6cb07c912d8cb7be898b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

secur32

GetUserNameExW

kernel32

lstrlenW
LoadLibraryA
InterlockedIncrement
GetCurrentThreadId
WideCharToMultiByte
HeapFree
IsBadWritePtr
DeleteCriticalSection
LoadResource
GetFileAttributesA
LockResource
FlushFileBuffers
lstrlenA
FindResourceA
EnterCriticalSection
lstrcatA
GetVersion
ExitProcess
HeapAlloc
HeapReAlloc
GetModuleFileNameA
GetWindowsDirectoryA
MultiByteToWideChar
LeaveCriticalSection
FreeLibrary
InterlockedDecrement
GetProcAddress
lstrcpyA
GetProcessHeap
lstrcpynA
DisableThreadLibraryCalls
InitializeCriticalSection
GetLocaleInfoA

user32

CharPrevW
GetWindowTextA
TranslateAcceleratorA
GetClientRect
LoadCursorA
MessageBoxA
CreateWindowExA
SetRectEmpty
LoadStringA
CharNextW
IsWindowVisible
ClientToScreen
TrackPopupMenuEx
FindWindowA
GetParent
EndDialog
RegisterClassA
GetWindowLongA
DialogBoxParamA
GetWindowTextLengthA
EnumWindowStationsW
SendMessageA
EnableMenuItem
CreateDialogIndirectParamA
wsprintfA
InvalidateRect

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

advapi32

RegQueryValueExA
RegEnumValueA
RegCloseKey
RegSetValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.venue
Size: 5KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

332e9847d8da6cb07c912d8cb7be898b

Headers

File Characteristics

Imports

secur32

kernel32

user32

ole32

advapi32

Sections

.text Size: 205KB - Virtual size: 205KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 100KB

.venue Size: 5KB - Virtual size: 79KB

.text
Size: 205KB - Virtual size: 205KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 100KB

.venue
Size: 5KB - Virtual size: 79KB