cc1dfdce517449be93aa358e48c15772

Sharing

Copy URL Twitter E-mail

General

Target

cc1dfdce517449be93aa358e48c15772
Size

27KB
MD5

cc1dfdce517449be93aa358e48c15772
SHA1

64e27eb7af46b3a8dc91047131cee6bcc4083353
SHA256

2495efbdf15b1276568c933d7dcba811c86f3df7190788713de8a5593089c06a
SHA512

18fc7d8831223aab1c519382a0c1c08ccc4928547aa93ee89f47b4c7b36c7731dc3e4f7c90c978d18d2838b1d9ebc6922a47ef32364fa7c644f4f88d04d0b3a6
SSDEEP

384:cZ2llw5/RMKjaGPkn9Ge3n49xmf6Lq0iVxrHeB9HtN82sGGpSkAx2:jllw4K1Pk9DuxQ6LUVRerH8rn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc1dfdce517449be93aa358e48c15772

Files

cc1dfdce517449be93aa358e48c15772
.exe windows:4 windows x86 arch:x86

0ac579a46906f5a5f3c8e89c028eb16c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_isatty
_chdir
_vsnwprintf
_mbclen
__STRINGTOLD
_fmode
vfprintf
_ismbcl0
_fcloseall
iswgraph
_execv
_wexecle
_ftime
fwscanf
_wpopen
_lrotl
_strdup
_mbsicmp
strxfrm
gmtime
_wspawnvp
wcscoll
putwchar
iswspace
atof
_mbsnbcat
_wsystem
calloc
_tell
wcsncat
_wchmod
__p__fmode

kernel32

GetLogicalDrives
lstrcmpW
SetConsoleCP
GetEnvironmentVariableW
lstrcmpiA
GetLocalTime
lstrlenA
GetNumberFormatW
Module32Next
UnhandledExceptionFilter
ReadConsoleOutputAttribute
lstrcpynA
lstrcmpi
GetComputerNameW
lstrcmpiW
LocalLock
GetModuleHandleW
lstrcmpA
OpenWaitableTimerA
GlobalAddAtomA
GetCPInfoExW
VirtualAlloc
GlobalDeleteAtom
CreateFileMappingW
lstrcpynW
GetSystemDirectoryA
ResumeThread
VirtualFree
ExitProcess
GetThreadLocale
lstrlenW
GetUserDefaultLangID
GetModuleHandleA
GetPrivateProfileSectionW
FindFirstFileExW
GlobalGetAtomNameA
PrepareTape
WaitForMultipleObjects
Sleep
GetConsoleOutputCP
RaiseException
QueueUserAPC
GetStartupInfoW
EnumDateFormatsExA
GetSystemTime
GetOEMCP

gdi32

FillPath
GetObjectType
CreateHatchBrush
SetGraphicsMode
GetTextMetricsW
GetViewportExtEx
GetPolyFillMode
ArcTo
GetMiterLimit
GetWinMetaFileBits
GetGraphicsMode
GetObjectW
FloodFill
SetBkMode
CreatePalette
GetMetaFileA
SetSystemPaletteUse
FixBrushOrgEx
GetMetaRgn
GetBkMode
SetPaletteEntries
SetDIBitsToDevice
IntersectClipRect
GetBitmapDimensionEx
Chord
CopyEnhMetaFileA
GetObjectA
GetGlyphOutlineW
GetViewportOrgEx
GetTextMetricsA
ExtCreateRegion

user32

BroadcastSystemMessageA
GetKeyboardType
LoadBitmapA
GetCursorInfo
WINNLSGetIMEHotkey
GetThreadDesktop
SwitchDesktop
ShowWindowAsync
SetDeskWallpaper
WinHelpA
CreateAcceleratorTableW
PostMessageA
GetMonitorInfoW
DdeAbandonTransaction
RegisterDeviceNotificationA
IsMenu
SetCursorPos
DialogBoxIndirectParamA
CheckMenuRadioItem
DdeQueryConvInfo
SetScrollRange
MessageBoxA
GetMenuBarInfo
ReuseDDElParam
CharUpperBuffW
GetMessageTime
CheckRadioButton
CreateMDIWindowA
ChangeDisplaySettingsA
ShowCaret

advapi32

LookupPrivilegeValueW
RegOpenKeyA
RegOpenKeyW
GetUserNameA
ReadEventLogA
CryptEncrypt
SetSecurityDescriptorSacl
GetExplicitEntriesFromAclA
GetSecurityDescriptorGroup
ReportEventW
GetFileSecurityW
GetOldestEventLogRecord
RegEnumKeyExA
GetFileSecurityA
GetUserNameW
AbortSystemShutdownW
GetNamedSecurityInfoExA
RegCreateKeyExA
CryptSetProviderW

Sections

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jdp
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ihkgw
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pafd
Size: 3KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ac579a46906f5a5f3c8e89c028eb16c

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

advapi32

Sections

.text Size: 15KB - Virtual size: 16KB

.jdp Size: 4KB - Virtual size: 9KB

.ihkgw Size: 3KB - Virtual size: 8KB

.pafd Size: 3KB - Virtual size: 25KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 16KB

.jdp
Size: 4KB - Virtual size: 9KB

.ihkgw
Size: 3KB - Virtual size: 8KB

.pafd
Size: 3KB - Virtual size: 25KB

.reloc
Size: 1024B - Virtual size: 1KB