cbeefce90e932eead9cd3f1890d18030

General

Target

cbeefce90e932eead9cd3f1890d18030
Size

52KB
MD5

cbeefce90e932eead9cd3f1890d18030
SHA1

1250eaf947c522664dd3af3ddbcf68572aefde1f
SHA256

6234510ed138bfd62eb96af508f75048846e1cb4b534796f309ec79ffff2c032
SHA512

0febbd6fa39534fa9c5d24a0df993ed7e644e722a9803bd4b13d543e2bb998fb0000eef264bad012404044a3a04b693d8ff6def4a5abddb7d7d0d0cea478f16b
SSDEEP

768:PWyr6h9Icikef3eODR8s+e/P0z4XgS3bPAFuvCq69on:N+Sec8T60zKgObPAFuKDo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbeefce90e932eead9cd3f1890d18030

Files

cbeefce90e932eead9cd3f1890d18030
.exe windows:4 windows x86 arch:x86

d3e78c5d916146c09522c78f4e2dc4a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
GetFileType
DeleteFileA
SetEndOfFile
LCMapStringW
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
HeapFree
GetLastError
CloseHandle
ReadFile
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetVersion
SetHandleCount
GetStdHandle
LoadLibraryA
GetACP
LCMapStringA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
SetFilePointer
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
VirtualAlloc
GetOEMCP
SetEnvironmentVariableA
HeapAlloc
GetStringTypeA
GetStringTypeW
HeapReAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
GetProcAddress

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegFlushKey

shell32

ShellExecuteA

wininet

InternetGetConnectedState

urlmon

URLDownloadToFileA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d3e78c5d916146c09522c78f4e2dc4a6

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

urlmon

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 17KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 17KB