cbe6a33de303afa9da372db340f99e4f

Sharing

Copy URL

Twitter E-mail

General

Target

cbe6a33de303afa9da372db340f99e4f
Size

396KB
MD5

cbe6a33de303afa9da372db340f99e4f
SHA1

4689c6d6e2f936b6f91e3da836b67982b6a9e478
SHA256

b952287acb0b4900182e712d04783876b6faf466018df2e6f33be967c58b75ef
SHA512

db19e08228da17055a0b20b1accc89f4b3d1e014e3a356ef7b7a8ab0222534621a263d8da729e44cd634b18adfc60ca7c855dfbd9fbcea200288b5d9e6d0f820
SSDEEP

12288:tkZr5Q+MCkoC8RI3fEDmLESd0w6KF8xy6dpBejAVzDqQeah:x6C36dv2AVH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbe6a33de303afa9da372db340f99e4f

Files

cbe6a33de303afa9da372db340f99e4f
.exe windows:4 windows x86 arch:x86

b1e7763c8bd521b6f5ac6b7de6826c07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ctheojt\eteaa\qjjdtse\snd.pdb

Imports

advapi32

CreateServiceW

kernel32

GetCurrentThread
HeapFree
GetTimeFormatA
VirtualAllocEx
EnumResourceTypesW
GetSystemInfo
SystemTimeToTzSpecificLocalTime
InterlockedExchange
VirtualAlloc
GetStringTypeA
SetFilePointer
HeapSize
HeapCreate
GetCurrentProcess
GetLocaleInfoA
RtlUnwind
WritePrivateProfileStructA
GetNumberFormatA
InitializeCriticalSection
UnmapViewOfFile
GetACP
InterlockedCompareExchange
IsBadWritePtr
GetPriorityClass
IsValidCodePage
ContinueDebugEvent
GetCPInfo
GetLocaleInfoW
HeapAlloc
MultiByteToWideChar
GetMailslotInfo
GetPrivateProfileStringA
CompareStringA
SetConsoleOutputCP
EnumSystemLocalesA
FreeEnvironmentStringsA
EnumResourceNamesA
GetModuleHandleA
ExitProcess
TerminateProcess
LeaveCriticalSection
DeleteCriticalSection
GetCommandLineA
IsValidLocale
GetStartupInfoW
GetStdHandle
RtlZeroMemory
SetLocaleInfoA
GetEnvironmentStringsW
GetDateFormatA
FlushFileBuffers
HeapReAlloc
TlsFree
LCMapStringW
LoadLibraryA
lstrcpy
LoadModule
GetNamedPipeInfo
TryEnterCriticalSection
GetCurrentProcessId
ConvertDefaultLocale
LoadLibraryExA
TlsAlloc
WaitForMultipleObjectsEx
SetHandleCount
WriteProfileStringA
ReadConsoleOutputW
CompareFileTime
GetConsoleScreenBufferInfo
FileTimeToDosDateTime
ReadFile
GetThreadPriorityBoost
GetLongPathNameA
GetModuleFileNameA
SetEnvironmentVariableA
UnhandledExceptionFilter
GetPrivateProfileIntW
GetStringTypeW
VirtualQuery
CompareStringW
GetCompressedFileSizeA
CreateEventA
OpenMutexA
FreeEnvironmentStringsW
GetTempPathA
GetUserDefaultLCID
QueryPerformanceCounter
SetStdHandle
GetTimeZoneInformation
GetEnvironmentStrings
GetVersion
GetPrivateProfileIntA
GetFileType
FindNextChangeNotification
CreateMutexA
TlsGetValue
EnumTimeFormatsW
GetThreadContext
WriteConsoleOutputCharacterW
GetThreadPriority
GetProcAddress
TlsSetValue
SetLastError
HeapDestroy
CreateProcessA
GetModuleHandleW
GetStartupInfoA
GetSystemDirectoryA
OutputDebugStringA
GetVersionExA
WriteFile
LocalSize
VirtualFree
ReadConsoleW
SetEnvironmentVariableW
GetLastError
CloseHandle
FillConsoleOutputCharacterW
InitializeCriticalSectionAndSpinCount
GetProcessAffinityMask
GetCurrentThreadId
GetTickCount
OpenEventW
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
OpenWaitableTimerW
VirtualProtect
GetDiskFreeSpaceExA
LCMapStringA
EnterCriticalSection
WideCharToMultiByte
SetConsoleTitleA
SetEvent
GetConsoleCursorInfo
FindResourceA
GetCommandLineW
GetOEMCP
VirtualUnlock
GetNamedPipeHandleStateA
GetPrivateProfileStructA
GlobalFindAtomA

shell32

SHAddToRecentDocs
DragQueryFileAorW

comdlg32

ReplaceTextA
ChooseFontW
PrintDlgA
PageSetupDlgA

user32

EnableMenuItem
GetClipboardOwner
DefWindowProcW
LookupIconIdFromDirectory
GetMenu
CreateDesktopW
MessageBoxW
DdeQueryStringA
IsWindowEnabled
DestroyWindow
GetActiveWindow
RegisterClassExA
SendInput
VkKeyScanA
UnloadKeyboardLayout
GetClassInfoW
RegisterClassA
SetClipboardViewer
ShowWindow
CreateWindowExA
CheckDlgButton
GetWindow
FindWindowA
GetKeyboardLayout
IsCharAlphaNumericW
CreatePopupMenu
OffsetRect
EnumThreadWindows
GetInputDesktop
CharUpperBuffA
TranslateAcceleratorW
DefFrameProcA
GetDCEx
WINNLSGetIMEHotkey
InflateRect

comctl32

ImageList_Read
CreateStatusWindow
ImageList_DrawIndirect
ImageList_SetFilter
GetEffectiveClientRect
ImageList_Create
InitMUILanguage
DrawInsert
ImageList_EndDrag
MakeDragList
ImageList_Copy
InitCommonControlsEx
ImageList_DragEnter
CreateStatusWindowW
CreateStatusWindowA
ImageList_Destroy
ImageList_LoadImageA

gdi32

ExtCreatePen
GetMiterLimit
SelectClipRgn
GetCharWidthFloatA
GetClipRgn
GetROP2
SetWindowOrgEx
GetTextMetricsW
CreateBitmapIndirect
GetTextColor
GetPixelFormat
SetPaletteEntries
SetICMProfileA
ExtEscape
GetRandomRgn
FillRgn

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1e7763c8bd521b6f5ac6b7de6826c07

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

shell32

comdlg32

user32

comctl32

gdi32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 96KB - Virtual size: 121KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 96KB - Virtual size: 121KB

.rsrc
Size: 56KB - Virtual size: 52KB