cb3090cea82a17048977a47894fb1074

Sharing

Copy URL

Twitter E-mail

General

Target

cb3090cea82a17048977a47894fb1074
Size

580KB
MD5

cb3090cea82a17048977a47894fb1074
SHA1

6c81683e73ddc64e7affa3ddc2af384a92f96c3e
SHA256

13fce56bbd467ef75f0267cac6b6ab1a1c1312e7f8c636bee9f8b361ff446dc3
SHA512

925b585249ebfd91f736b71d95e7d9a4c32e951b22aaa7cc8a1a739aca94dc4afd1b22ef7e33285c42ff902362101903c6bcdc85c73cb2b695b00f867c28d4d6
SSDEEP

12288:MpX1qxLp0oxzuKKViluc6fj08jCb8kvFD1VyS04pAGrC:MpXSLp0oxSKKVilf6fjzjTUxpAGr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb3090cea82a17048977a47894fb1074

Files

cb3090cea82a17048977a47894fb1074
.exe windows:4 windows x86 arch:x86

137baa5d3caadf7074767e4e4c73c966

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\eaoepeu\bpe\tye\lxbpcsgxxe\bvzyvb\slioozle.pdb

Imports

kernel32

HeapCreate
LCMapStringA
GetModuleFileNameA
GetSystemTimeAsFileTime
FindAtomW
CreateMutexA
VirtualFree
TlsFree
ReadFile
GetCurrentThread
WideCharToMultiByte
HeapAlloc
SetStdHandle
GetTimeZoneInformation
CompareStringW
VirtualQuery
GetModuleHandleA
EnterCriticalSection
UnhandledExceptionFilter
SetLastError
GetTickCount
GetCommandLineA
GetCurrentThreadId
GetCurrentProcess
IsBadWritePtr
VirtualAlloc
HeapDestroy
InitializeCriticalSection
GetEnvironmentStrings
WriteFile
TlsAlloc
GetCurrentProcessId
LoadLibraryA
SetHandleCount
GetLocalTime
InterlockedIncrement
TlsSetValue
GetOEMCP
LCMapStringW
QueryPerformanceCounter
HeapReAlloc
GetStringTypeW
CompareStringA
CloseHandle
FreeEnvironmentStringsW
GetFileType
GetStartupInfoA
FlushFileBuffers
HeapFree
ExitProcess
InterlockedExchange
GetCPInfo
GetACP
GetVersion
TerminateProcess
FreeEnvironmentStringsA
MultiByteToWideChar
GetStdHandle
GetProcAddress
InterlockedDecrement
SetEnvironmentVariableA
GetLastError
DeleteCriticalSection
SetFilePointer
GetStringTypeA
GetSystemTime
RtlUnwind
OpenMutexA
GetEnvironmentStringsW
TlsGetValue
LeaveCriticalSection

comctl32

InitCommonControlsEx
ImageList_AddIcon
DrawInsert
ImageList_GetFlags
ImageList_GetImageInfo
CreateStatusWindowA

user32

AnyPopup
DeferWindowPos
ReplyMessage
MessageBoxA
DrawAnimatedRects
GetMenuState
CreateWindowExW
SetProcessDefaultLayout
CharNextW
LoadImageW
RegisterClassA
PaintDesktop
DdeAccessData
ChangeDisplaySettingsW
DestroyWindow
GetDialogBaseUnits
GetProcessWindowStation
EnumDesktopsA
AnimateWindow
TranslateAcceleratorA
EnumDesktopWindows
ShowWindow
DragObject
ShowCaret
EnumClipboardFormats
SetWindowsHookW
SetMenuItemInfoA
RegisterClassExW
RealGetWindowClass
RegisterClassExA
DefWindowProcA

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

137baa5d3caadf7074767e4e4c73c966

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 188KB - Virtual size: 186KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 112KB - Virtual size: 136KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 188KB - Virtual size: 186KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 112KB - Virtual size: 136KB

.rsrc
Size: 24KB - Virtual size: 22KB