cbc8205a775a2b16823a434383a6332b

Sharing

Copy URL Twitter E-mail

General

Target

cbc8205a775a2b16823a434383a6332b
Size

95KB
MD5

cbc8205a775a2b16823a434383a6332b
SHA1

7f80fb7bd1a6e79f79a46f89d811303f1ad5e365
SHA256

d061e5a1c6d4599b3791b9c322e74b9b091d4a98071fa90b75d0f9998df8185c
SHA512

bf6ea4c6ced6b3a53ebc3d586c6fdfce5f97e90faa4cc4ddac882f0418d9fa447480fde741b5acbfc7d545cacc8493fabc91084784fdc0167ec52cfa460a7acd
SSDEEP

1536:7w1hs5jZsOR+WBwFiRzak8AyU7v7qD1lnicPkfnSe:sHY1sOR+SwKza2k1lniMkfS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbc8205a775a2b16823a434383a6332b

Files

cbc8205a775a2b16823a434383a6332b
.exe windows:4 windows x86 arch:x86

80caef818169c8c81fc64063fb62a9b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

googleearth_consumer.pdb

Imports

kernel32

CloseHandle
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetFileSize
CreateFileW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
RaiseException
LoadLibraryA
InterlockedExchange
FreeLibrary
GetProcAddress
LocalAlloc
QueryPerformanceFrequency
Sleep
GetCurrentThreadId
GetCurrentProcessId
GetLastError
QueryPerformanceCounter
GetCommandLineA

msvcp80

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Raise_handler@std@@3P6AXABVexception@stdext@@@ZA
?_Throw@std@@YAXABVexception@stdext@@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

msvcr80

strlen
rewind
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_invalid_parameter_noinfo
__getmainargs
_amsg_exit
clock
_snprintf
fclose
ftell
fprintf
memmove_s
fread
getenv
fseek
??_V@YAXPAX@Z
??3@YAXPAX@Z
fopen
??2@YAPAXI@Z
_purecall
_cexit

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pbkmurn
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

80caef818169c8c81fc64063fb62a9b9

Headers

File Characteristics

PDB Paths

Imports

kernel32

msvcp80

msvcr80

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 77KB - Virtual size: 78KB

pbkmurn Size: - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 77KB - Virtual size: 78KB

pbkmurn
Size: - Virtual size: 4KB