cb892ad7c93a92583976757599357492

Sharing

Copy URL Twitter E-mail

General

Target

cb892ad7c93a92583976757599357492
Size

521KB
MD5

cb892ad7c93a92583976757599357492
SHA1

19974cae9193b79e3bef04851bf499f7bffed431
SHA256

4c0fb97a2af21e4a4f90dd7e8ee38250d7f388e80f5eb17a3f47111af379a72a
SHA512

8162b3b12338f81c7a620925213843fc9aa3402560ef72fa453da3179665107e930ce9f07d494cfb37f36679a771004a74eacca18e87a333cf64649ca082baa9
SSDEEP

12288:oOe/YfaGXoIuhhS21f1fkads6EXSvEhS4+AwnzxIq38N7jarjSm:oOe/Yfa4uh021feaO6EXmET+AwzxIqmu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb892ad7c93a92583976757599357492

Files

cb892ad7c93a92583976757599357492
.exe windows:4 windows x86 arch:x86

d40bd52bc378d57e4a309ee734a108d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
SetStdHandle
InterlockedIncrement
WriteFile
HeapDestroy
ExitProcess
GlobalSize
HeapFree
FindResourceW
TlsFree
CloseHandle
TlsGetValue
GetPrivateProfileStructA
SetHandleCount
GetSystemDefaultLangID
GetCommandLineW
GetAtomNameW
GetEnvironmentStringsW
GetModuleFileNameA
GetStringTypeW
TlsAlloc
GetModuleHandleA
OpenMutexA
GetCPInfo
SetEndOfFile
InterlockedExchange
LCMapStringW
VirtualQuery
GetCurrentProcessId
RemoveDirectoryW
GetStartupInfoA
FlushFileBuffers
GetTickCount
CreateMutexA
GetSystemTime
WideCharToMultiByte
UnlockFile
HeapAlloc
FreeEnvironmentStringsW
LCMapStringA
UnhandledExceptionFilter
GetStringTypeA
GetConsoleMode
GetDriveTypeA
CompareStringW
GetFileType
GetCurrentProcess
GetCurrentThread
GetProcAddress
InitializeCriticalSection
RtlUnwind
InterlockedDecrement
GetEnvironmentStrings
FindFirstFileA
SetConsoleTitleW
GetExitCodeThread
IsBadWritePtr
FreeEnvironmentStringsA
CompareStringA
GetStartupInfoW
GetCurrentThreadId
LocalCompact
GetVersionExA
LoadLibraryA
HeapCreate
TerminateProcess
SetFileAttributesA
GetComputerNameW
GetModuleFileNameW
VirtualFree
DeleteCriticalSection
GetLocalTime
GetDateFormatW
QueryPerformanceCounter
GetLastError
DeleteFiber
SetFilePointer
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetStdHandle
TlsSetValue
ReadFile
lstrcpyW
GetCommandLineA
GetCompressedFileSizeW
GetSystemTimeAsFileTime
MultiByteToWideChar
EnterCriticalSection
SetEnvironmentVariableA
LeaveCriticalSection
GetVersion

comctl32

InitCommonControlsEx

gdi32

BeginPath

user32

SystemParametersInfoA
EndDialog
RegisterClassA
RegisterClassExA
RedrawWindow

shell32

SHGetDiskFreeSpaceA
RealShellExecuteW
SHGetDesktopFolder

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d40bd52bc378d57e4a309ee734a108d7

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

user32

shell32

Sections

.text Size: 199KB - Virtual size: 199KB

.rdata Size: 4KB - Virtual size: 10KB

.data Size: 312KB - Virtual size: 311KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 199KB - Virtual size: 199KB

.rdata
Size: 4KB - Virtual size: 10KB

.data
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 5KB - Virtual size: 4KB