cbcf121cb143ff9d35b69cf4b457e364

Sharing

Copy URL Twitter E-mail

General

Target

cbcf121cb143ff9d35b69cf4b457e364
Size

381KB
MD5

cbcf121cb143ff9d35b69cf4b457e364
SHA1

90152c6611017c0f757f743a8f145f14045db4da
SHA256

e3846c723fbde9516ceb29ffadb6df84a9afa8d54f67ff1931a4c3ea03b01efb
SHA512

b8ac43da9177fdb42a9021c49197fffd41e3d87f67fd00a143d5dacfd8249061f544f32c34c37a411a6d37efd084bc9818ef7d19bdc452eb043e5e8dec102718
SSDEEP

6144:MieWF4e5u0F9UNmKXCeLA2UxE8TTEvJ/Z5pzjLpm0:MiJ/5u0XzKXCeuxEok/bprpm0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbcf121cb143ff9d35b69cf4b457e364

Files

cbcf121cb143ff9d35b69cf4b457e364
.exe windows:4 windows x86 arch:x86

dc6ade983083e2fc3fb986d9dda10466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\qkbtsg\ehwzsoig\

Imports

advapi32

CryptDestroyKey
LookupPrivilegeNameA
CryptAcquireContextW
CryptGenKey
RegQueryMultipleValuesW
RegLoadKeyA
LookupAccountNameW
InitiateSystemShutdownW
RegCreateKeyA

kernel32

GetDateFormatA
GetCurrentThreadId
CloseHandle
WideCharToMultiByte
GetCurrentProcess
GetCPInfo
TerminateProcess
AddAtomW
SetFilePointer
TlsAlloc
GetACP
CreateMutexA
GetModuleHandleA
RtlUnwind
LCMapStringA
GetComputerNameA
SetEnvironmentVariableA
GetTickCount
InterlockedDecrement
FreeEnvironmentStringsA
GetStdHandle
SetConsoleCtrlHandler
CreateFileA
InterlockedExchange
WriteConsoleA
DeleteCriticalSection
HeapAlloc
WriteFile
FlushFileBuffers
WriteConsoleOutputCharacterA
LeaveCriticalSection
GetCurrentThread
GetTimeZoneInformation
SetHandleCount
VirtualFree
SetLastError
GetEnvironmentStringsW
VirtualQuery
HeapSize
EnterCriticalSection
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
HeapCreate
FreeLibrary
GetStringTypeA
UnhandledExceptionFilter
WriteConsoleW
GetOEMCP
QueryPerformanceCounter
GetLastError
HeapFree
GetEnvironmentStrings
TlsGetValue
GetCurrentProcessId
GetConsoleCP
Sleep
GetModuleFileNameA
GetUserDefaultLCID
HeapDestroy
GetProcAddress
GetConsoleMode
ExitProcess
InterlockedIncrement
GetStringTypeW
IsValidLocale
HeapReAlloc
SetStdHandle
GetFileType
FreeEnvironmentStringsW
CompareStringW
LCMapStringW
GetModuleHandleW
GetLocaleInfoW
TlsFree
LoadLibraryA
IsValidCodePage
OpenMutexA
TlsSetValue
EnumSystemLocalesA
IsDebuggerPresent
VirtualAlloc
CompareStringA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCommandLineA
ReadFile
GetConsoleOutputCP
GetTimeFormatA
GetStartupInfoA

user32

LoadStringW
RegisterClipboardFormatA
SetWinEventHook
DispatchMessageW
CreateIconFromResourceEx
IsCharAlphaW
DefWindowProcA
EnumThreadWindows
RegisterClassA
DestroyWindow
GetKeyboardLayout
ShowWindow
SetCapture
EnableMenuItem
ModifyMenuW
RegisterClassExA
GetDC
ExcludeUpdateRgn
CreateWindowExW
ChangeDisplaySettingsExW
MessageBoxA

comctl32

ImageList_Add
ImageList_GetDragImage
DrawStatusTextA
ImageList_SetBkColor
ImageList_AddIcon
ImageList_LoadImageA
CreatePropertySheetPageA
DrawStatusText
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_SetFilter
CreateToolbarEx
ImageList_Remove
ImageList_SetOverlayImage
ImageList_Replace
CreateMappedBitmap
InitCommonControlsEx
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_Read
DrawStatusTextW
ImageList_DrawEx
ImageList_Copy
ImageList_Duplicate
CreatePropertySheetPage

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc6ade983083e2fc3fb986d9dda10466

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

comctl32

Sections

.text Size: 217KB - Virtual size: 217KB

.rdata Size: 17KB - Virtual size: 44KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 57KB - Virtual size: 56KB

.text
Size: 217KB - Virtual size: 217KB

.rdata
Size: 17KB - Virtual size: 44KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 57KB - Virtual size: 56KB