cc27d4c75910937677d8669832992ee8

Sharing

Copy URL Twitter E-mail

General

Target

cc27d4c75910937677d8669832992ee8
Size

22KB
MD5

cc27d4c75910937677d8669832992ee8
SHA1

cd008693c7877d930e5a2ba8d34fde43e3380932
SHA256

bde1f14fe90126071ae25a3aa645a8ebaa786512f721b27d9b90132ed1721ef6
SHA512

163c12abe82739b582b61bfa1aa183466b7f7d33adb16eaeb17cdd835dd128b7d1a336f68c540292786931ab52d1c14cd77d74bf07e9934df72ea323d92da537
SSDEEP

384:6By1p77nHgfLp3kG2ZR4YHkDUPiCyRXEUC1lRWqeF6PXQl4xo1J:6U1RADqG2kBSlbPXd+J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc27d4c75910937677d8669832992ee8

Files

cc27d4c75910937677d8669832992ee8
.exe windows:4 windows x86 arch:x86

dac11c4ee18ad561aa280a454a3ec4ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strstr
_vsnprintf
strcat
mbstowcs
wcstombs
strncpy
atoi
fread
strtok
strcmp
wcslen
wcscmp
malloc
memcpy
free
strcpy
remove
_wfopen
strlen
fwprintf
fclose
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
sprintf
_snwprintf
memset
srand
rand
_snprintf

kernel32

LocalFree
GetStartupInfoA
GetModuleHandleA
SetErrorMode
CreateMutexW
GetVersionExA
GetLocaleInfoW
TerminateThread
SetThreadPriority
ExitProcess
GetLastError
ExpandEnvironmentStringsW
CreateFileW
CloseHandle
WriteFile
CreateProcessW
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleHandleW
GetModuleFileNameW
CopyFileW
SetFileAttributesW
GetFileAttributesW
GetSystemDefaultLangID
GetLogicalDriveStringsW
GetDriveTypeW
CreateThread
GetTickCount
Sleep

ws2_32

inet_addr
connect
select
closesocket
sendto
socket
htons
WSAStartup
send
WSACleanup
recv
gethostbyname

urlmon

URLDownloadToFileW

shlwapi

PathAppendW

advapi32

RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFolderPathW
ShellExecuteW

wininet

InternetOpenW
InternetOpenUrlW
InternetCloseHandle
InternetReadFile

user32

FindWindowW
keybd_event
SetForegroundWindow
SetFocus
ShowWindow
VkKeyScanA
RegisterDeviceNotificationA
PostQuitMessage
UnregisterDeviceNotification
DestroyWindow
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExW
RegisterClassW
LoadCursorA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard

ole32

CoCreateInstance
CoUninitialize
CLSIDFromString
CoInitialize

oleaut32

VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dac11c4ee18ad561aa280a454a3ec4ad

Headers

File Characteristics

Imports

msvcrt

kernel32

ws2_32

urlmon

shlwapi

advapi32

shell32

wininet

user32

ole32

oleaut32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 104KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 104KB