cc0a56652de2d77fd5c3b2a3821c4f13

Sharing

Copy URL

Twitter E-mail

General

Target

cc0a56652de2d77fd5c3b2a3821c4f13
Size

70KB
MD5

cc0a56652de2d77fd5c3b2a3821c4f13
SHA1

da77a5a889fd8c8c970a9bb0aa85c6d587c735e3
SHA256

fd761a2f56e6129036324fc60fb028bceca31251a20eb1f1792378db6064239f
SHA512

501b78d15014a2d9df3b59bf0ae43a390dd906913a16756409032a87e0a0125445d41f9c375ef8f1e80ec6567050903634eb7ea710d3ccfbac10795441004344
SSDEEP

1536:BdmcOC6zVdIIFZn0sn8r9peo5k5Klo6af883SPu4p:B8Vdzd0AqpP5k5Ke6aZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc0a56652de2d77fd5c3b2a3821c4f13

Files

cc0a56652de2d77fd5c3b2a3821c4f13
.exe windows:4 windows x86 arch:x86

b313234a9f8487504fe75c2b5e31e9f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetFileSize
GetComputerNameA
SetLastError
CopyFileA
WriteFile
GetStdHandle
OpenFileMappingA
CopyFileW
CopyFileExW
DeleteAtom
GetFileTime
GlobalFree
ReadConsoleA
GetConsoleMode
ExitThread
DeleteFileW
DeleteFileA
FindAtomA
OpenFile
GetCommandLineA

gdi32

CreateSolidBrush
ClearBitmapAttributes
AddFontResourceA
AddFontResourceExW
ClearBrushAttributes
ExcludeClipRect
BeginPath
AddFontResourceTracking
GetPixel
GetCurrentPositionEx
AddFontMemResourceEx
GetPixel
GetDCOrgEx
AddFontResourceExA
ExtTextOutA
BitBlt
GetBitmapBits

comctl32

ImageList_GetIconSize
InitCommonControls
ImageList_Copy
ImageList_Destroy
ImageList_LoadImageA
ImageList_AddMasked
ImageList_DragLeave
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_GetImageRect
ImageList_Read
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_AddIcon
ImageList_DragShowNolock

advapi32

RegEnumKeyW
RegQueryValueExA
RegFlushKey
RegQueryInfoKeyW
RegOpenKeyA
RegCreateKeyW
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExW
RegLoadKeyW
RegQueryValueExW
RegLoadKeyA
RegQueryValueW
RegQueryInfoKeyA
RegReplaceKeyW
RegGetKeySecurity
RegDeleteKeyW
RegReplaceKeyA
RegOpenKeyW

user32

BlockInput
GetFocus
DialogBoxParamW
AlignRects
DrawIconEx
GetDlgItem
DrawTextA
CopyIcon
DrawIcon
DialogBoxParamA
GetDC
CloseWindow
CalcMenuBar
GetCursor
DrawTextW
CopyImage
GetMenu
IsMenu

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 721B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b313234a9f8487504fe75c2b5e31e9f2

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

advapi32

user32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 61KB - Virtual size: 154KB

.rsrc Size: 1024B - Virtual size: 721B

.reloc Size: - Virtual size: 64B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 61KB - Virtual size: 154KB

.rsrc
Size: 1024B - Virtual size: 721B

.reloc
Size: - Virtual size: 64B