cb4222b4dc5bb311e0a2d2df4e2305f8

General

Target

cb4222b4dc5bb311e0a2d2df4e2305f8
Size

49KB
MD5

cb4222b4dc5bb311e0a2d2df4e2305f8
SHA1

c6f98abcd8e18a63aebb379ba935009584aa6131
SHA256

39292b200453fe13f7c43dd719899be03bf2f6b66b971df71da258c09afd3619
SHA512

dd88a55d11b15d91d859c7dab6aa6daa51d9f4f5024f4102e2b1524934e99a80d43fe44f2d3baf520edfe876b9fcfad79c668fcdea621faed03c21f0d3df8176
SSDEEP

1536:SVuztwE0b+0bnPrF+dBOrhthm95LRzgXJ:kUtwE0bebOrL8yXJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb4222b4dc5bb311e0a2d2df4e2305f8

Files

cb4222b4dc5bb311e0a2d2df4e2305f8
.exe windows:5 windows x86 arch:x86

66fb4b658b4f0ee5b8a7a7c951699b99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseWindowStation
DrawIcon
SendMessageW
GetDlgItemTextW
ExitWindowsEx
GetCursorPos
GetMessageW
GetClassNameW
OpenWindowStationA
GetWindowTextW
GetMessageA
GetClipboardData
GetIconInfo
GetWindowLongW
CharLowerBuffA
CloseDesktop
GetForegroundWindow
FindWindowExW
GetWindowThreadProcessId
OpenDesktopA
SetThreadDesktop
GetDlgItemTextA
GetDlgItem
MsgWaitForMultipleObjects
GetKeyboardState
EndDialog
ToUnicode
PeekMessageA
LoadCursorW
GetKeyState
SetProcessWindowStation
PeekMessageW
DispatchMessageW

kernel32

lstrcpynW
EnterCriticalSection
GetCommandLineA
GetLastError
ReadFile
GetTickCount
GetCurrentThreadId
HeapReAlloc
SetFileTime
GetThreadPriority
GetProcessTimes
GetTempFileNameW
CreateProcessW
GetFileSizeEx
SetThreadPriority
SetFileAttributesW
GetVersionExW
WaitForSingleObject
DisconnectNamedPipe
MoveFileExW
CopyFileW
ExpandEnvironmentStringsW
lstrcmpiW
SetLastError
FindResourceW
GetCurrentProcessId
CreateThread
GetExitCodeProcess
GetDriveTypeW
lstrcpyW
SetFilePointer
GetTimeZoneInformation
GetModuleHandleA
CloseHandle
CreateDirectoryW
FindNextFileW
GetFileTime
GetComputerNameW
FindClose
GetLocalTime
GetTempPathW
WriteProcessMemory
GetModuleFileNameA
lstrcatW
WriteFile
GetSystemTimeAsFileTime
HeapAlloc
OpenProcess
ReleaseMutex
GetFileSize
GetModuleFileNameW
GlobalLock
IsBadReadPtr
CreateEventW
lstrcatA
FindFirstFileW
FlushFileBuffers
lstrlenA

Sections

.lyh
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zexav
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wfob
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66fb4b658b4f0ee5b8a7a7c951699b99

Headers

File Characteristics

Imports

user32

kernel32

Sections

.lyh Size: 39KB - Virtual size: 61KB

.zexav Size: 2KB - Virtual size: 5KB

.wfob Size: 7KB - Virtual size: 80KB

.lyh
Size: 39KB - Virtual size: 61KB

.zexav
Size: 2KB - Virtual size: 5KB

.wfob
Size: 7KB - Virtual size: 80KB