cbba780685c38656c1b5fc29005975b7

General

Target

cbba780685c38656c1b5fc29005975b7
Size

173KB
MD5

cbba780685c38656c1b5fc29005975b7
SHA1

779d5ea87538a7572a51ae957f5b4bf0905859fd
SHA256

e73f9500f35677070e24bda349dc255dc13c645bd2eefe39a8dcac5f1318f7aa
SHA512

1c21a70f3b2ae4aebdf314d4637e6a1eb2e0fba4dbf1984bb74c4400ddebd99ad7aa65b50cf29c85f41e7d5717ce3034b9217bc5f868412cae35aaefebb1c15b
SSDEEP

3072:0ydPUyOHonCfopSje8I+XTrqkvlJxLzgjjPRNLbTDKTsiVnK1fKgBC:tUyOIIFy+DJVz05NvSTdVnKggA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbba780685c38656c1b5fc29005975b7

Files

cbba780685c38656c1b5fc29005975b7
.exe windows:4 windows x86 arch:x86

95c218a9ef031bd758fdf72759dc751c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

GlobalFindAtomW
FreeLibrary
FindFirstFileW
GetModuleHandleA
GetCurrentProcessId
LoadLibraryExA
CopyFileW
FindNextFileW
HeapAlloc
SetFileAttributesW
GetSystemInfo
ReleaseMutex
lstrcmpiW
GetModuleHandleW
GetSystemDirectoryW
HeapFree
GetPrivateProfileStringW
EnumResourceLanguagesA
ExpandEnvironmentStringsW
LoadLibraryW
GetProcAddress
FindClose
FormatMessageW
GetProcessHeap
WritePrivateProfileStringW
GetWindowsDirectoryA
lstrlenA
LoadLibraryExW
LocalFree
WaitForSingleObject
GetPrivateProfileIntW
GetCurrentDirectoryW
CreateMutexW
GetCurrentProcess

rpcrt4

UuidCreate

shlwapi

GetAcceptLanguagesA
PathRemoveFileSpecW
PathCreateFromUrlW
StrCmpIW
UrlCreateFromPathW
UrlUnescapeW
PathAppendW
PathFindExtensionW
PathIsRelativeW
PathCombineW

Sections

.text
Size: 89KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95c218a9ef031bd758fdf72759dc751c

Headers

File Characteristics

Imports

shell32

kernel32

rpcrt4

shlwapi

Sections

.text Size: 89KB - Virtual size: 480KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 80KB - Virtual size: 80KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 480KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 1024B - Virtual size: 4KB