cb3febd2a29b1213a404086e12c67138

Sharing

Copy URL Twitter E-mail

General

Target

cb3febd2a29b1213a404086e12c67138
Size

959KB
MD5

cb3febd2a29b1213a404086e12c67138
SHA1

85d1f6e843e00d917a58392d776321e2129d4046
SHA256

6c4410538bd9df5d42dcb8e333d306121bea125cca8d48c5430e704c68f09f72
SHA512

aa8a9a739794af1e7fd7f87838b7552c5c7faab66e25ee6878e5e82b93cd2816c645985ae9cfb5a78f27ed3aefe5711602c62c47e24cb92f0a5a63596217d0d1
SSDEEP

24576:cVp0zgpk96VEiV+17d1ObsFku6oeyzlvfdlc3vHoyuMiqqs:O+Kk9CNbbs+u6oDZdlnQjJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb3febd2a29b1213a404086e12c67138

Files

cb3febd2a29b1213a404086e12c67138
.exe windows:4 windows x86 arch:x86

e3dd6f6d245acc5a3315e30d0d4a7b68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname

kernel32

ReadFile
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

GetForegroundWindow
MessageBoxA

advapi32

RegQueryValueExW

shell32

ExtractIconExW

comctl32

ImageList_Add

winmm

mciSendCommandW

gdi32

CreateDIBitmap

comdlg32

ChooseFontW

ole32

OleGetClipboard

oleaut32

SysAllocString

Exports

Exports

�Zf�9��8��E��P��-�Á��/]1��wDn�B�e]6�\KT� y�K>�}q��b)��j�J�U�]��P�+�~Ve��1�r��7_��rS�{�Y�A>*�8F��m�|3��D<�o"n$��0�Tk�CC��˪��V�O�yM �c|w�}qU�p�Jnd%]2��~�N�3�R.'��j�F�ى�іz�U[54BY��r��~��}��P|�F9wz��-XO��Q��t��ޅM8��Y�X/tp��5}b��Xu:|��d��ȗ�!O�m3�Yt�l��l?��ԋc��p�+o�V��y�&��c��n��4UQM�=ɡ�Nn�H�'��'j��y䔼�X��\��\U.��4Wk8�m�x�-�}�iDw��yO��ɶ ^bQ(��YUܲ4A��"y˙��B�[�QRL��I� 7��;1D�V��S��>J��jɯᚿ �69��}��[q�)4'�6�ر�+�dH��k�-��e䡍&喖��CR_Qa�jFۇ�4Z�O�8�7~RX��]G-�h�HS��^ \w��k��^r�N8,T�K��`� ��$�֧6-��HLd�P�c�d��/��B��L6��7@컟�X�:Z��ƿ��DD0�nw��N p�U=%Vf��jk��2�;8��3l6��CI��T��51%K=��Æ*�8�s��lA��'y@��2��ְ�r:�_ِ��_�&K��W�1��j<�+)~,qRe�y ��)wB#d��U�8v�>�&��U�&x�5�~�Y� ��;�u�-D�#K��v2<b��1v ��9)Sy�^�KZ�Q�٪��i��2�\��r��p��<_�At�$l��}=>Ik 3Ķ�f�!o��:�H� !��Zq��@�bn)� t�]��iux��sH��>�P#�h�]w/zW��>�)��̀`5�@C�F��8%8�h?��<��@|�� '�a��}LM.ec0�_A$��-� �l��yE��'��'��[��8)o�]��5/�K�]��}^E��L�'�«V��Ma{� ��0?��7�c��kX�Qg�T��B5}�'�g$ 1�+*��/�m ��-�@y��i��,80K CIp7��- ��L��ϊ� ��f g�|}��f��(�Q�0��$� IC��gnٛƍ��Sf{A��Q�`(J��ġa��-�V�7z�]�C��@�?�_�� Sg�Z��:��#&Kq��D�lF=�|N��Ҿ��0�M1Zĭ�|��z��3$��E��w�t��Z��a<7�31�7��F�Q�_��i�z>��V�y�0�z��[Iㄜ,|7�6�2��DP��}f�`�uOM�J�$��=��}W�D��<�yͳ*�e �ܧ2�Y�&�)%xQ�c��Җ�� !Ǥ׍��/N<_C�!%)� �o��<�@�/��#0a��7 �9,��1A3��c"��'��E�W�S@��ĴW(,�4�JVQ�fUl])�p ��Q��$�Ӛ z�Ŝ<:)��(�O?ρ��S_�D�Ռ�a<d��P֠�j_;��N6;��p��_*IV��68k��b�$��؎��;R�,��Bu2 ��)��d��ڞA��~ 1{��B��:��6�`�o_�6�� =�o{B5��;2.�,�򐌮+��ֲd��4+��cRMZ�P��:\}��0<⋣VP��p��ݗM�4c��bS7��v��z,�9�Ǣ��"�Ʃ{#� T��'��k ߫�8!�a�G��*� e=<�!N��M�qs.kH��A�SC5y8��F)�֞��gy�f\�\�ވGmW��)M#��h��p!�CN"f�ǅ��!Kb@Pa�ʶU?i��4��1��'Nj <�PG��^Ij��z�l�u��wx��(��ݚL,0�H0r�B��4S:;;W�b��'�i�NE�WJ'�+ h�z��ұ��/Lj \قp(�琘�},6�uB��!��^zZ��Uƈ��-4Rb�H Y��~wJ�'Q��Jm~#ڭ8�I� �A�8G�I6�7A�B��[P��Dh�@�A@��'�PA'�QaQ�SWXmI�2�M��Y�͈ �pm�Wg�x�X�I#��Q9Z�/��+�佳>�*��W��S��o�h�-E�=ǥ��0��D�w6!)�:�8��e��s(��0��"�:��Q�|��R��ؒ�R<��6n��6 �_��.{��&ƥ"�"-<n��k8��vy�_�(?=�_E��÷6N �R�D77��(��۵|,��x$jC�{s9.��c�x�T�)�Εl$�F�t��y`�K�J�5�+t�Ċ�x��Yj\Ӊ]��{˱5_��u�� t1�ܕ-AcVIl�U*��9��P-�y��hzy�+��x�p+C=�K��5"hF��m�܄T��J�j��G�~�@��C�BulUzfu��7x�_�,Z� �>|F��N��/��G��Ȼ߷�}^oG�>32,Aq��%�sk��:�:�Аm�ѧxAk �*&S��`� thND�o�[�K�Û�n[6��+�"��q]=��I��S�J{b� A�D�^� �Z].�6�?,g(� E�'��˰!� �-t8��6�:�G��V"�a}ңB�E�4� c��.�!`��`ޑ��3��'~ ��TnO��U"�LaY�O6)��a#�#�z��bd\��yIf�W�Vx�S�ڛ}p�ܘ�dW P<#�]�P�D�L{�m^� :Vbҷ/-B�lK�fY��G+�[]�D9��6$\aד��0�I>��eJl��X��(��^ W�U��;��Qf��&��ӊ�rR��Gk h��_WL�v��b

Sections

.text
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gsys0
Size: - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gsys1
Size: 954KB - Virtual size: 953KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3dd6f6d245acc5a3315e30d0d4a7b68

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

shell32

comctl32

winmm

gdi32

comdlg32

ole32

oleaut32

Exports

Exports

Sections

.text Size: - Virtual size: 1.2MB

.rdata Size: - Virtual size: 481KB

.data Size: - Virtual size: 349KB

.rsrc Size: 3KB - Virtual size: 40KB

.gsys0 Size: - Virtual size: 137KB

.tls Size: 512B - Virtual size: 24B

.gsys1 Size: 954KB - Virtual size: 953KB

.text
Size: - Virtual size: 1.2MB

.rdata
Size: - Virtual size: 481KB

.data
Size: - Virtual size: 349KB

.rsrc
Size: 3KB - Virtual size: 40KB

.gsys0
Size: - Virtual size: 137KB

.tls
Size: 512B - Virtual size: 24B

.gsys1
Size: 954KB - Virtual size: 953KB