cb8a7106d1477bed6836ef14ccc20be6

Sharing

Copy URL Twitter E-mail

General

Target

cb8a7106d1477bed6836ef14ccc20be6
Size

185KB
MD5

cb8a7106d1477bed6836ef14ccc20be6
SHA1

1fbdbb11a8ba64ebda4cda80f37c172657e92302
SHA256

2e1c554fbb841a73bba578b3e6c7b44929b1e6a1c94d30eedce1748a1f28c5f4
SHA512

eaf01a9ac410342d888ef2cd22902a33710729a725631cba1fbed549bfa0978de8b9137c574336fa7529714d2ce22dd606c6245cae945866001048fae345205d
SSDEEP

3072:YQVNNMXMKKpPiB+B1bpKRKYdwUh/lkKeFg2gaLNwd24ySKp5:YW7MX9KxiYbG/lhoKySe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb8a7106d1477bed6836ef14ccc20be6

Files

cb8a7106d1477bed6836ef14ccc20be6
.exe windows:4 windows x86 arch:x86

a16418acb82806cba512ea2e9d191569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

RegDeleteValueA
RegOpenKeyExA
CryptEncrypt
CryptReleaseContext
CryptCreateHash
CryptGetHashParam
CryptHashData
CryptAcquireContextA
RegEnumValueA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey
CryptImportKey
RegSetValueExA
CryptDestroyKey
CryptDestroyHash
RegDeleteKeyA

kernel32

GetShortPathNameW
UnmapViewOfFile
LocalFree
GlobalSize
Sleep
CreateFileA
DisableThreadLibraryCalls
GetProcessAffinityMask
GlobalFree
LocalAlloc
EnumResourceTypesW
GetTickCount
CreateFileW
GlobalAlloc
WriteFile
GetFileSize
WideCharToMultiByte
GetFileAttributesA
MapViewOfFile
ReadFile
CreateFileMappingA
SetFilePointer
CloseHandle

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneImage

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

CoTaskMemAlloc
OleLockRunning
CoGetClassObject
CoInitializeSecurity
CreateStreamOnHGlobal
CoInitialize
StringFromGUID2
CoSetProxyBlanket
CreateItemMoniker
CoTaskMemRealloc
CreateBindCtx
StgCreateDocfile
CLSIDFromProgID
StgIsStorageFile
GetRunningObjectTable
OleUninitialize
CoCreateInstance
CoUninitialize
StgOpenStorage
CoTaskMemFree
BindMoniker
OleInitialize
CLSIDFromString

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

user32

GetWindowRect
KillTimer
CharNextA
ReleaseCapture
DrawTextA
LoadCursorA
SetRect
GetParent
PostThreadMessageA
GetWindowLongA
SetParent
SetCapture
SetFocus
ShowWindow
EnumDisplayDevicesA
RedrawWindow
RegisterClassExA
MsgWaitForMultipleObjects
SendNotifyMessageA
SendMessageTimeoutA
DestroyAcceleratorTable
CreateDialogParamA
EndPaint
GetDC
GetSysColor
GetFocus
UnregisterClassA
IsChild
DispatchMessageA
GetClassInfoExA
RegisterWindowMessageA
SetTimer
IsWindow
wsprintfA
GetWindowTextLengthA
GetClassNameA
PostMessageA
wvsprintfA
GetWindow
DefWindowProcA
FillRect
CallWindowProcA
MoveWindow
CreateWindowExA
ReleaseDC
GetClientRect
InvalidateRect
FindWindowA
GetDlgItem
GetDesktopWindow
BeginPaint
GetActiveWindow
InvalidateRgn
SendMessageA
SetWindowTextA
GetWindowTextA
SetWindowLongA
GetQueueStatus
CreateAcceleratorTableA
PeekMessageA
CopyRect
EqualRect
DestroyWindow
SetWindowPos

gdi32

CreateCompatibleDC
DeleteObject
CreateSolidBrush
RealizePalette
GetDIBits
CreateCompatibleBitmap
BitBlt
CreateFontA
SelectObject
CreateDIBSection
SelectPalette
ExtEscape
SetStretchBltMode
CreateDIBitmap
StretchDIBits
GetObjectA
DeleteDC
GetStockObject
GetDeviceCaps
SetBkMode

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a16418acb82806cba512ea2e9d191569

Headers

File Characteristics

Imports

version

shell32

advapi32

kernel32

gdiplus

winmm

setupapi

ole32

wininet

user32

gdi32

shlwapi

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 120KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 120KB