cc1847dbd1ab8ccb6074b3805ecff2e8

Sharing

Copy URL Twitter E-mail

General

Target

cc1847dbd1ab8ccb6074b3805ecff2e8
Size

2.3MB
MD5

cc1847dbd1ab8ccb6074b3805ecff2e8
SHA1

515de0888acc8d2b9f79f470d7dbec0d0ef04188
SHA256

863a7b605989681ebb52777cc150d7a14427421674debc6b809e6dc331a5675b
SHA512

cc01bf9214804c428b6ab925862e54147624822b5f92d2b78ed5236a6816b72646aaf21f76cf5af84f8cf1882f5b802a2cda5529edebce5bfa94f4a404f6d144
SSDEEP

49152:2AiY5OvRsY+7Twk7mFYSBBQCcnLP/iAbuB/qJOUCS0333TmIPc5kNdHd+aL1ouNZ:

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc1847dbd1ab8ccb6074b3805ecff2e8

Files

cc1847dbd1ab8ccb6074b3805ecff2e8
.exe windows:4 windows x86 arch:x86

4508d9145b863400af6bfc5e0c1bf361

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsTextUnicode
RegOpenKeyExA
RegSetValueExW
RegQueryValueExA
RegCreateKeyW
RegQueryValueExW
RegCloseKey

kernel32

UnmapViewOfFile
lstrcmpW
GetACP
InterlockedDecrement
FreeResource
HeapReAlloc
GetUserDefaultUILanguage
GetSystemDirectoryW
ExitProcess
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
lstrcmpA
GetModuleHandleW
LocalAlloc
LocalFree
GetSystemTimeAsFileTime
GetProcessHeap
LocalUnlock
TlsFree
MultiByteToWideChar
LockResource
lstrcpyA
CreateFileW
LoadLibraryExW
CloseHandle
GetModuleFileNameA
WideCharToMultiByte
GetTickCount
lstrcmpiW
GetCurrentThreadId
SizeofResource
GetConsoleCP
DeleteFileW
RtlUnwind
GetVersionExW
SetUnhandledExceptionFilter
GlobalFree
CreateProcessA
GlobalLock
GetCommandLineA
FindResourceA
TerminateProcess
GetOEMCP
InterlockedIncrement
GetLocaleInfoA
VirtualProtect
GetTimeFormatW
UnhandledExceptionFilter
lstrcpynW
GetLocalTime
DeleteCriticalSection
TlsAlloc
QueryPerformanceCounter
DuplicateHandle
ReadFile
FormatMessageA
LoadLibraryA
FreeLibrary
CompareStringW
HeapCreate
GetDateFormatW
GetCurrentProcessId
CompareStringA
Sleep
SetEvent
InterlockedCompareExchange
GetEnvironmentStrings
WriteFile
SetEndOfFile
MapViewOfFile
SetFileAttributesW
FormatMessageW
CompareFileTime
GetFileAttributesW
TlsGetValue
CreateThread
CreateFileMappingW
GetFileInformationByHandle
GetFileType
FoldStringW
GetCPInfo
MulDiv
InterlockedExchange
lstrlenW
OutputDebugStringA
MoveFileW
IsDBCSLeadByte
LocalReAlloc
GlobalUnlock
GetStartupInfoA
SetFileTime
CopyFileW
LCMapStringW
lstrcpyW
GetProcAddress
FlushFileBuffers
ExpandEnvironmentStringsW
LocalSize
FreeEnvironmentStringsW
SetLastError
EnterCriticalSection
FindClose
GetStringTypeA
VirtualAlloc
FindFirstFileW
RaiseException
SetErrorMode
GetModuleHandleA
lstrcatW
GetLastError
GetUserDefaultLCID
GetVersionExA
LocalLock
GetCommandLineW

user32

EnableMenuItem
IsDlgButtonChecked
MessageBoxW
SetCursor
GetWindowThreadProcessId
EnumChildWindows
ScreenToClient
RegisterClassExW
CharUpperW
IsIconic
GetSystemMetrics
DefWindowProcW
SetDlgItemTextW
CreateWindowExA
SetForegroundWindow
SendDlgItemMessageW
SetFocus
SetWindowTextW
IsRectEmpty
PostQuitMessage
RegisterWindowMessageW
MapWindowPoints
CloseClipboard
GetFocus
EndPaint
RemoveMenu
DeleteMenu
WindowFromPoint
SetActiveWindow
EnableWindow
SetScrollPos
ClientToScreen
GetDlgItem
GetMenuState
GetDesktopWindow
ReleaseDC
GetSubMenu
GetForegroundWindow
MessageBoxA
DestroyWindow
DispatchMessageW
MoveWindow
GetMenu
GetScrollInfo
GetClientRect
SetWinEventHook
LoadIconW
PostMessageW
CharNextW
GetWindowLongW
OpenClipboard
wsprintfW
CreateWindowExW
PeekMessageW
DestroyMenu
SendMessageW
LoadStringA
CheckMenuItem
SetWindowPos
WinHelpW
IsDialogMessageW
TranslateMessage
CharNextA
CreateDialogParamW
ReleaseCapture
IsClipboardFormatAvailable
ShowWindow
GetKeyboardLayout
GetWindowTextW
LoadAcceleratorsW
GetParent
GetDC
SetWindowsHookExA
GetMenuItemCount
EnumThreadWindows
UpdateWindow
IsDialogMessageA
GetWindowLongA
SetWindowPlacement
DrawTextExW
UnhookWinEvent
ChildWindowFromPoint
MessageBeep
UnregisterClassW
LoadCursorW
EndDialog
TranslateAcceleratorW
SystemParametersInfoW
IsWindow
DestroyIcon
GetSystemMenu
SetWindowLongW
LoadImageW
RegisterWindowMessageA
CheckRadioButton
InvalidateRect
CharLowerW
GetDlgCtrlID
GetCursorPos
DrawTextA
LoadStringW
DialogBoxParamW
wsprintfA
GetMessageW
GetWindowPlacement
GetDlgItemTextW

gdi32

SetBkMode
CreateFontIndirectW
GetStockObject
SetMapMode
SetWindowExtEx
SetViewportExtEx
GetObjectW
EndPage
SetAbortProc
GetDeviceCaps
DeleteObject
CreateDCW
SelectObject
TextOutW
GetTextFaceW
GetTextMetricsW
StartDocW
GetTextExtentPoint32W
LPtoDP
DeleteDC
AbortDoc
EndDoc
StartPage
EnumFontsW

msvcrt

__setusermatherr
_onexit
__p__fmode
_initterm
__CxxFrameHandler
malloc
wcsncpy
??1type_info@@UAE@XZ
_adjust_fdiv
exit
__getmainargs
wcsstr
iswctype
_c_exit
_acmdln
localtime
_cexit
??3@YAXPAX@Z
wcschr
_vsnwprintf
wcsncmp
_exit
_controlfp
strncmp
time
_snwprintf
__set_app_type
memset
strchr
__p__commode
isdigit
_CxxThrowException
memmove
_wtol
_XcptFilter

shell32

ShellAboutW
DragQueryFileW
DragAcceptFiles
DragFinish

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterDriverW

comdlg32

PageSetupDlgW
FindTextW
PrintDlgExW
CommDlgExtendedError
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW
ReplaceTextW

comctl32

CreateStatusWindowW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4508d9145b863400af6bfc5e0c1bf361

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

msvcrt

shell32

winspool.drv

comdlg32

comctl32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 369KB - Virtual size: 369KB

.data Size: 1.9MB - Virtual size: 1.9MB

.reloc Size: 512B - Virtual size: 182B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 369KB - Virtual size: 369KB

.data
Size: 1.9MB - Virtual size: 1.9MB

.reloc
Size: 512B - Virtual size: 182B

.rsrc
Size: 2KB - Virtual size: 1KB