cbf41283c059e432f6be70d7226eaa86

Sharing

Copy URL Twitter E-mail

General

Target

cbf41283c059e432f6be70d7226eaa86
Size

458KB
MD5

cbf41283c059e432f6be70d7226eaa86
SHA1

67c1e31f6547656e0737133f48ff2468a1597b3a
SHA256

657b9d13662981e2fbf63e7f46adcc88d6845bda88efcf79fe20dddb87d66dbe
SHA512

1d0315bc018ac35a8c4f94cc5acef63a85dc30d3b827d9ec9cedd7bdb9c8888dd6ad267e741da494daee93d3fcf4fd53238c17bc4f05aa3e542a4ca91a041a89
SSDEEP

12288:a69XkSmkhuavr6azOw4EskZ3WzJaJRrsTm:a6Jk/khB60OZkZ3Wz4Jz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbf41283c059e432f6be70d7226eaa86

Files

cbf41283c059e432f6be70d7226eaa86
.exe windows:4 windows x86 arch:x86

1da5292ecbfcdbd496493371bf6a6348

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FreeIconList
CommandLineToArgvW
ExtractIconW

gdi32

EndPage
GetCharWidthFloatA
Ellipse
FillRgn
FixBrushOrgEx
CreateDIBitmap
GetTextFaceA
SetWorldTransform
GetCharacterPlacementW
EndDoc
GetEnhMetaFileW
GetKerningPairs
CreatePalette
StartPage
SetViewportExtEx
CombineTransform
CreateBitmap
CombineRgn
ResetDCA
SetMapMode
FrameRgn
GetStockObject
CreateDIBSection
GdiFlush

kernel32

LocalReAlloc
WriteFile
SetConsoleCtrlHandler
GetCPInfo
MultiByteToWideChar
OpenEventW
GlobalFree
HeapAlloc
TerminateProcess
GetCommandLineA
GetTickCount
lstrcatA
EnumSystemLocalesA
lstrcmpA
GetACP
GetDateFormatA
GlobalFix
GetTimeFormatA
SetUnhandledExceptionFilter
EnterCriticalSection
GetModuleHandleA
SetWaitableTimer
DuplicateHandle
LCMapStringW
GetStdHandle
SetEnvironmentVariableA
GetLocaleInfoW
FoldStringW
TlsFree
InitializeCriticalSection
TlsGetValue
HeapFree
WideCharToMultiByte
GetStringTypeA
GetProcAddress
GetFileType
GetLastError
GetStartupInfoA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
VirtualFree
FreeEnvironmentStringsW
RtlUnwind
LoadLibraryA
GetStringTypeW
GetEnvironmentStrings
VirtualQuery
InterlockedExchange
HeapSize
GetOEMCP
FreeEnvironmentStringsA
HeapCreate
SetHandleCount
SetVolumeLabelW
HeapDestroy
LeaveCriticalSection
DeleteCriticalSection
GetUserDefaultLCID
GetProcessHeap
QueryPerformanceCounter
VirtualAlloc
TlsAlloc
SetLastError
IsDebuggerPresent
InterlockedIncrement
CompareStringW
IsValidCodePage
GetModuleFileNameA
GetVersionExA
GetTimeZoneInformation
HeapReAlloc
GetCurrentThreadId
InterlockedDecrement
FreeLibrary
ExitProcess
IsValidLocale
CompareStringA
GetSystemTimeAsFileTime
WriteProfileStringW
LCMapStringA
TlsSetValue
GetLocaleInfoA
UnhandledExceptionFilter
GetEnvironmentStringsW
Sleep

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1da5292ecbfcdbd496493371bf6a6348

Headers

File Characteristics

Imports

shell32

gdi32

kernel32

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 8KB - Virtual size: 29KB

.data Size: 285KB - Virtual size: 285KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 8KB - Virtual size: 29KB

.data
Size: 285KB - Virtual size: 285KB

.rsrc
Size: 18KB - Virtual size: 17KB