cb4317c02b22a89bb8652d70647770bc

Sharing

Copy URL Twitter E-mail

General

Target

cb4317c02b22a89bb8652d70647770bc
Size

2.4MB
MD5

cb4317c02b22a89bb8652d70647770bc
SHA1

a8bf7e400869caae5d545f1c55765e0d59c3b7ac
SHA256

42271e2667dcdb2f9da9072d6ceecc04edf33e21ed90e1b24c151892a1bcdd71
SHA512

6c72380d343c3bf7b5233426be5c96733ce922f12cb0b2d5027d1c001b3d2afc0ebdf642b2f0de2ed27c222fcb07066cdc74b5f5ac36074714e23424b2ce8819
SSDEEP

49152:UU6btSDB4pVbieBMsqooGEadW+6T1A3xV:Uj5LVmeBMGoGmWxV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb4317c02b22a89bb8652d70647770bc

Files

cb4317c02b22a89bb8652d70647770bc
.exe windows:4 windows x86 arch:x86

e42eb73bf6c7c7f3047ed3b94d41dee7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\Riverdeep\Mavis18\Mavis18\MavisBeacon.pdb

Imports

user32

GetForegroundWindow
GetActiveWindow
SendMessageA
GetParent
PostMessageA
SetWindowPos
IsWindowVisible
GetWindow
ShowWindow
GetWindowRect
SetActiveWindow
SetForegroundWindow
GetWindowLongA
TrackMouseEvent
SetClassLongA
SetCursorPos
wsprintfA
DrawTextA
UnregisterClassA
SetMenuItemInfoA
GetSystemMenu
GetCursorPos
DefWindowProcA
PostQuitMessage
SetClipboardData
CloseClipboard
GetMenu
AdjustWindowRectEx
ClientToScreen
SetRect
CopyRect
CreateIconIndirect
DestroyIcon
InvalidateRect
GetCapture
SetCursor
MessageBoxA
SetParent
MoveWindow
GetDC
ReleaseDC
OffsetRect
IntersectRect
SystemParametersInfoA
FindWindowA
DestroyWindow
SetTimer
PeekMessageA
TranslateMessage
DispatchMessageA
GetKeyState
BeginPaint
EndPaint
SetFocus
SetCapture
ReleaseCapture
MsgWaitForMultipleObjects
LoadIconA
LoadCursorA
RegisterClassA
IsWindow
CreateWindowExA
GetClientRect
SetWindowLongA
SetWindowTextA
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
GetSystemMetrics

winmm

timeGetTime

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

dsound

ord1

ole32

CoInitialize
CoCreateGuid

shell32

SHGetSpecialFolderPathA
ShellExecuteA

gdi32

CreateDIBSection
CreateBitmap
StretchBlt
CreateDCA
GetStockObject
BitBlt
DeleteObject
CreateCompatibleBitmap
GetDeviceCaps
StretchDIBits
EndPage
EndDoc
StartDocA
StartPage
DeleteDC
SetTextColor
SetBkMode
GetPaletteEntries

bass

BASS_StreamCreateFile
BASS_ChannelPlay
BASS_StreamFree
BASS_Free
BASS_ChannelSetAttributes
BASS_Init

kernel32

GetDriveTypeA
GetStartupInfoA
GetProcessHeap
GetCommandLineA
GetConsoleMode
GetConsoleCP
WriteFile
SetFilePointer
GetFileType
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringA
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
HeapAlloc
ExitProcess
LCMapStringW
GetCPInfo
GetStdHandle
GetWindowsDirectoryA
GetFileSize
DeleteFileA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
ReadFile
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
FlushFileBuffers
GetTimeZoneInformation
HeapSize
SetStdHandle
CreateFileW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
CompareStringA
CompareStringW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
SetEndOfFile
GetCurrentProcess
FindNextFileA
GlobalFree
GlobalUnlock
GlobalLock
GetLogicalDriveStringsA
FindClose
SetEnvironmentVariableA
FindFirstFileA
WaitForSingleObject
ReleaseMutex
CloseHandle
CreateMutexA
GetExitCodeThread
Sleep
CreateThread
GetProcAddress
LoadLibraryA
FreeLibrary
GetShortPathNameA
GetLastError
GlobalAlloc
SetCurrentDirectoryA
SetThreadPriority
SetLastError
GetCurrentDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
GetVersionExA
GetModuleHandleA
lstrcpyA
TerminateProcess
GetFullPathNameA
CreateDirectoryA
CreateEventA
GetTickCount
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA

comdlg32

PrintDlgA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 440KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e42eb73bf6c7c7f3047ed3b94d41dee7

Headers

File Characteristics

PDB Paths

Imports

user32

winmm

version

ddraw

dsound

ole32

shell32

gdi32

bass

kernel32

comdlg32

iphlpapi

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 440KB - Virtual size: 436KB

.data Size: 84KB - Virtual size: 410KB

.rsrc Size: 52KB - Virtual size: 72KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 440KB - Virtual size: 436KB

.data
Size: 84KB - Virtual size: 410KB

.rsrc
Size: 52KB - Virtual size: 72KB