cb8d1402389b97774ef4f3d9eed46fde

Sharing

Copy URL Twitter E-mail

General

Target

cb8d1402389b97774ef4f3d9eed46fde
Size

225KB
MD5

cb8d1402389b97774ef4f3d9eed46fde
SHA1

ca8059c3ea160a875f07669aaaa758535a1710fe
SHA256

db274a78fc28911c4b99423353922a30acbd92759b170f694a1e8137abea6e29
SHA512

d50e26291b2babbb4b431775bb8cd3227736abed9d0c06ac34c43d6b0498bcc17592d0f4666b868e2aa81d609f2051b8aa9551dcf0a001b1842bad00757e0d51
SSDEEP

3072:Hx6m6zaKowlhPo77Ao4HYjCQs3vGt61ejFgGk6Q9uUpMiTgYQ2wBsk:AWKomto7pahGQF6QppbgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb8d1402389b97774ef4f3d9eed46fde

Files

cb8d1402389b97774ef4f3d9eed46fde
.exe windows:5 windows x86 arch:x86

80606bb16c922433bacdbe0a314b3fa7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW

user32

wsprintfA

kernel32

DeviceIoControl
ExitProcess
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
CloseHandle
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
LCMapStringA
LCMapStringW
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
CreateFileW
SetStdHandle
Sleep
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
PropVariantClear
PropVariantCopy
StringFromGUID2
CoGetMalloc
CLSIDFromString

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80606bb16c922433bacdbe0a314b3fa7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

ole32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 17KB - Virtual size: 32KB

.reloc Size: 10KB - Virtual size: 12KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 17KB - Virtual size: 32KB

.reloc
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 10KB - Virtual size: 12KB