cbd5b6c481fd4d4e31969a4eab515e28

Sharing

Copy URL Twitter E-mail

General

Target

cbd5b6c481fd4d4e31969a4eab515e28
Size

546KB
MD5

cbd5b6c481fd4d4e31969a4eab515e28
SHA1

23dd394564ee7abead3f1ceb98c44018534c5d95
SHA256

af57a9aac980cd5d76e302ed481c0c077b0c7441de9f3113144b779a3ff13c29
SHA512

dcec403cb2052ff299e17e4c71ec9c0fa86ecd41e889186de96e2717e144d940e76520233547d29bae6319667fa71fb8aa25fcef9764fa1d321d6042386e0b14
SSDEEP

12288:ZxMWDcLRIZ2mc64Wul//0PdZen7cLygy72n0OD2uPmAQB9n:fMYcLRIZBc6xI/aZe7cXtnz2uPLQnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbd5b6c481fd4d4e31969a4eab515e28

Files

cbd5b6c481fd4d4e31969a4eab515e28
.exe windows:4 windows x86 arch:x86

80e48ddab8d5ad0764076b6aa48b806d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptExportKey
RegSetValueExA
CryptSetProviderExA
AbortSystemShutdownA
CryptDuplicateKey
DuplicateTokenEx
CryptAcquireContextA
CryptGetKeyParam
CryptAcquireContextW
RegCreateKeyA
CryptEnumProviderTypesW
CryptGetProvParam

comctl32

ImageList_Create
InitCommonControlsEx
CreatePropertySheetPageW
DrawStatusTextA

user32

RegisterClassExA
IsWindowUnicode
SetMessageQueue
RegisterClassA
CharUpperA
ImpersonateDdeClientWindow
ScrollDC
GetWindowDC
GetGUIThreadInfo
CreateDialogParamA
CreateIcon

comdlg32

ReplaceTextW
GetOpenFileNameW
GetSaveFileNameW
ChooseFontA

gdi32

DPtoLP
GetCharABCWidthsW
DeviceCapabilitiesExW
GetMiterLimit
GetBkMode
ResetDCA
GdiPlayScript
GetTextCharsetInfo
CreateRoundRectRgn

wininet

CreateUrlCacheContainerA

kernel32

GetCurrentThreadId
GetStringTypeA
DeleteCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetLocaleInfoW
GetUserDefaultLCID
GetTimeFormatA
VirtualLock
CloseHandle
GetCommandLineA
CompareStringA
FreeEnvironmentStringsW
IsValidLocale
SetThreadContext
InterlockedIncrement
SetHandleCount
GetFileAttributesExW
TlsAlloc
GetModuleFileNameA
WriteConsoleW
GetCPInfo
GetCurrentProcessId
VirtualAlloc
GetThreadSelectorEntry
GetEnvironmentStringsW
LocalFlags
GetSystemTimeAsFileTime
GetEnvironmentStrings
DebugBreak
LoadLibraryA
GetOEMCP
TlsSetValue
HeapDestroy
HeapSize
SetStdHandle
WriteProfileSectionW
TlsFree
LocalShrink
CompareStringW
SetVolumeLabelW
GetTickCount
GetCurrentProcess
GetDateFormatA
LeaveCriticalSection
InitializeCriticalSection
GetConsoleOutputCP
ExitProcess
IsValidCodePage
WriteFile
InterlockedExchange
LCMapStringA
GetProcessHeap
GetConsoleMode
LCMapStringW
GetACP
GlobalFindAtomA
SetWaitableTimer
HeapCreate
GetTempFileNameA
FreeLibrary
FlushFileBuffers
GetTimeZoneInformation
ReadFile
GetStartupInfoA
SetFilePointer
LoadModule
TerminateProcess
CreateMutexA
EnumSystemLocalesA
GetCurrentThread
IsDebuggerPresent
FreeEnvironmentStringsA
GetConsoleCP
HeapReAlloc
HeapFree
GetModuleHandleA
VirtualQuery
MultiByteToWideChar
OpenMutexA
RtlUnwind
VirtualFree
SetUnhandledExceptionFilter
InterlockedDecrement
GetProcAddress
FileTimeToLocalFileTime
GetDiskFreeSpaceExA
GetStringTypeW
SetLastError
GetFileType
GetStdHandle
GetDiskFreeSpaceA
HeapAlloc
lstrcmpiA
GetLastError
SetConsoleCtrlHandler
Sleep
UnhandledExceptionFilter
QueryPerformanceCounter
GetLocaleInfoA
WriteConsoleA
SetEnvironmentVariableA
GetVersionExA
lstrcpyW
CreateFileA
TlsGetValue

Sections

.text
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80e48ddab8d5ad0764076b6aa48b806d

Headers

File Characteristics

Imports

advapi32

comctl32

user32

comdlg32

gdi32

wininet

kernel32

Sections

.text Size: 338KB - Virtual size: 338KB

.rdata Size: 36KB - Virtual size: 53KB

.data Size: 153KB - Virtual size: 149KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 338KB - Virtual size: 338KB

.rdata
Size: 36KB - Virtual size: 53KB

.data
Size: 153KB - Virtual size: 149KB

.rsrc
Size: 18KB - Virtual size: 17KB