cc23ad874fd2f0f84796d049f86105af

Sharing

Copy URL Twitter E-mail

General

Target

cc23ad874fd2f0f84796d049f86105af
Size

587KB
MD5

cc23ad874fd2f0f84796d049f86105af
SHA1

6fb154aeca4da489d9cc03040316bca3d355b668
SHA256

a846ad079bc40e781e50b58c657e8d09868db714ea31a4693c63f537f8a7336d
SHA512

3c2d75f985eb91002ddc88e23d0c292b972904c67a644fb11f13fefded5db93084467b62c76afae97c0e6d8eae928fa1d09bf8a3d6e36bc322fe0265249ab034
SSDEEP

12288:Pm/skaI0Zva6MEuQ/W6DYPa68X3P5lnjLbI2ZwfP:u/sC0ZvYEuQu6DYPaHHPjjLbvZQP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc23ad874fd2f0f84796d049f86105af

Files

cc23ad874fd2f0f84796d049f86105af
.exe windows:4 windows x86 arch:x86

c7f1eebea9b21d84e3e7425c21a1160d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
SetLastError
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
HeapDestroy
FlushFileBuffers
FindClose
RtlZeroMemory
GetEnvironmentStrings
GetEnvironmentStringsW
OutputDebugStringA
RtlUnwind
GetFileType
GetLastError
TlsGetValue
GetVersionExA
lstrcmp
OpenMutexA
CreateMutexA
GetProfileIntA
IsValidLocale
SetStdHandle
SetConsoleCP
CloseHandle
LeaveCriticalSection
GetSystemInfo
GetOEMCP
MultiByteToWideChar
QueryPerformanceCounter
GetLocalTime
TlsSetValue
HeapSize
GetCurrentProcess
FreeEnvironmentStringsW
InitializeCriticalSection
HeapFree
GetCurrentThreadId
EnterCriticalSection
GetLocaleInfoW
EnumResourceLanguagesW
GetDiskFreeSpaceW
GetModuleHandleA
GetCalendarInfoW
GetStringTypeA
ReadConsoleInputA
HeapCreate
VirtualProtect
GetCurrentProcessId
GetCPInfo
SetEnvironmentVariableA
GetStdHandle
DeleteCriticalSection
GetCommandLineA
InterlockedExchange
GetModuleFileNameA
GetUserDefaultLCID
GetCurrentThread
GetDateFormatA
IsValidCodePage
LoadLibraryA
GetACP
ReleaseSemaphore
SetFilePointer
WriteProfileStringA
CreateFileA
TerminateProcess
CompareStringA
GetStartupInfoW
EnumSystemLocalesA
WriteFile
ExitProcess
GetTimeZoneInformation
GetCommandLineW
WideCharToMultiByte
GetStartupInfoA
GetLocaleInfoA
FindResourceA
FreeEnvironmentStringsA
TlsAlloc
SetTimeZoneInformation
IsBadWritePtr
VirtualFree
ReadFile
GetStringTypeW
GetPrivateProfileStructA
GetTimeFormatA
VirtualAlloc
UnhandledExceptionFilter
CompareStringW
ReadFileEx
LCMapStringW
LCMapStringA
GetProcAddress
SetHandleCount
GetAtomNameA
SetConsoleCursorInfo
GetModuleFileNameW
TlsFree
VirtualQuery

wininet

HttpCheckDavCompliance
InternetGoOnlineW
FtpSetCurrentDirectoryA

shell32

ExtractIconW

comctl32

InitCommonControlsEx

user32

RegisterHotKey
RegisterClassExA
RegisterClassA
GetUserObjectInformationA
LoadMenuIndirectW

comdlg32

FindTextA
PageSetupDlgW

gdi32

GetColorAdjustment
GetPixel
GetTextFaceA
GetEnhMetaFileHeader
StrokeAndFillPath

Sections

.text
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7f1eebea9b21d84e3e7425c21a1160d

Headers

File Characteristics

Imports

kernel32

wininet

shell32

comctl32

user32

comdlg32

gdi32

Sections

.text Size: 257KB - Virtual size: 256KB

.rdata Size: 8KB - Virtual size: 34KB

.data Size: 318KB - Virtual size: 317KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 257KB - Virtual size: 256KB

.rdata
Size: 8KB - Virtual size: 34KB

.data
Size: 318KB - Virtual size: 317KB

.rsrc
Size: 3KB - Virtual size: 2KB