cb1b871dff9455e44f43befc34004282

Sharing

Copy URL Twitter E-mail

General

Target

cb1b871dff9455e44f43befc34004282
Size

318KB
MD5

cb1b871dff9455e44f43befc34004282
SHA1

62e718d78b38de0f7e9b5cb281070c074d325b7d
SHA256

a3bf1e6d33c871aa7c2ab17da34327589d0fa76d7f694fbbca825bfbfd4fe5f0
SHA512

4ec3a4836a5f9b3c8eed764a9991c2ecba01fc4d43b839256e1b5b67098ceaf33020a9d1b70dcdd7ede680520d5cbf94e65ed711f5e274eb2a867fe9965116d6
SSDEEP

6144:w+mPMPCIAErblcbAh9EW0/wn4cPup33/cTagCQiXY+:3Hrblcb+9h2w4xxpNY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb1b871dff9455e44f43befc34004282

Files

cb1b871dff9455e44f43befc34004282
.exe windows:5 windows x86 arch:x86

5e398679cfa1d211027c91245a1fa6f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
FreeResource
UnhandledExceptionFilter
GlobalAlloc
InterlockedIncrement
InterlockedCompareExchange
LoadResource
GetCurrentProcessId
WaitForSingleObject
GetModuleHandleW
GetLocaleInfoW
MulDiv
LocalFree
GetModuleHandleA
TlsSetValue
ExpandEnvironmentStringsW
ResetEvent
SetEvent
lstrcmpiW
GetCurrentProcess
GetCurrentDirectoryW
GetSystemTimeAsFileTime
EnterCriticalSection
TlsGetValue
TlsAlloc
GetTempFileNameW
GetACP
CreateEventW
GetProfileStringW
CreateFileW
QueryPerformanceCounter
GetProcAddress
lstrcpyW
GlobalLock
lstrcmpW
GetFullPathNameW
lstrcpyA
CreateThread
DeleteCriticalSection
CloseHandle
lstrlenA
LocalSize
LockResource
LoadLibraryA
GetTickCount
DisableThreadLibraryCalls
GlobalFree
FormatMessageW
TerminateProcess
GetFileAttributesW
FindResourceExW
GetSystemDefaultUILanguage
GetUserDefaultLCID
GetShortPathNameW
DelayLoadFailureHook
LeaveCriticalSection
GetDriveTypeW
FreeLibrary
FindNextFileW
GetLastError
lstrcpynW
GetCurrentThreadId
GetProcessVersion
WideCharToMultiByte
LoadLibraryW
SetCurrentDirectoryW
LocalReAlloc
FindFirstFileW
GetVersionExA
SetErrorMode
FreeLibraryAndExitThread
InterlockedExchange
TlsFree
FindResourceW
SizeofResource
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
FindResourceA
GlobalReAlloc
DeleteFileW
LocalAlloc
GetModuleFileNameW
SetUnhandledExceptionFilter
FindClose
SetLastError
GetVolumeInformationW
GlobalUnlock
MultiByteToWideChar

mswsock

GetAcceptExSockaddrs
AcceptEx

ntdll

NtAllocateVirtualMemory
RtlInitUnicodeStringEx
_vsnwprintf
memmove
RtlUnicodeToMultiByteSize
NtQueryVirtualMemory
RtlUnwind
RtlIsNameLegalDOS8Dot3
_chkstk
RtlUnicodeStringToAnsiString
qsort
_wcsicmp

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitializeEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 928KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e398679cfa1d211027c91245a1fa6f5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mswsock

ntdll

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 201KB - Virtual size: 200KB

.rdata Size: 103KB - Virtual size: 103KB

.data Size: 3KB - Virtual size: 928KB

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 201KB - Virtual size: 200KB

.rdata
Size: 103KB - Virtual size: 103KB

.data
Size: 3KB - Virtual size: 928KB