cc32dece7efb5879b50c311a9b5ac841

Sharing

Copy URL

Twitter E-mail

General

Target

cc32dece7efb5879b50c311a9b5ac841
Size

600KB
MD5

cc32dece7efb5879b50c311a9b5ac841
SHA1

9a76845ebba767821220da3cabe6793eda24c182
SHA256

1e99f077fb1faa00b3f9c78636251e2355fc3dd4689b90553bc17fdc0fcb7c65
SHA512

22429235b961ce157eb3af0d43881d802d663e2216396e4f712ab0e48aca7526e70cd17b33c7515adb19b241bcca797a0bc70054744f16e06fd61d7c4453f1d6
SSDEEP

12288:pJpNG9pZQC7T2VHIZbpNwGofDxTgJdnx8Jwn0D+1:pJz9C74oTohg7nx8JoZ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc32dece7efb5879b50c311a9b5ac841

Files

cc32dece7efb5879b50c311a9b5ac841
.exe windows:4 windows x86 arch:x86

152ac39ff164db6bbb3f8777fafa87ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\azfw\wueeb.pdb

Imports

kernel32

TerminateProcess
EnumCalendarInfoExA
VirtualQuery
GlobalUnlock
GetTimeZoneInformation
GetTimeFormatA
WriteConsoleInputA
GetProfileSectionW
TlsAlloc
GetTickCount
CompareStringA
GetCPInfo
TlsSetValue
ExitProcess
EnterCriticalSection
IsValidCodePage
FlushFileBuffers
HeapDestroy
lstrcpyA
GetConsoleScreenBufferInfo
UnhandledExceptionFilter
GetLastError
GetCommandLineA
GetStartupInfoA
HeapValidate
WriteConsoleA
ReadFile
HeapFree
InterlockedDecrement
GetConsoleCP
GetACP
Sleep
SetEnvironmentVariableA
CreateFileW
QueryPerformanceCounter
HeapReAlloc
GlobalLock
TlsGetValue
MapViewOfFileEx
GetProcAddress
SetVolumeLabelA
EnumDateFormatsExA
WideCharToMultiByte
FreeEnvironmentStringsA
HeapAlloc
GetModuleHandleA
RtlUnwind
GetUserDefaultLCID
GetProcessAffinityMask
CreateMutexA
GetOEMCP
GetStringTypeA
GetLocaleInfoA
GetCurrentProcess
IsValidLocale
GetConsoleMode
ReadConsoleOutputCharacterA
CreateFileA
VirtualFree
GetFileType
GetVolumeInformationW
SetConsoleCtrlHandler
GetStringTypeW
MultiByteToWideChar
IsDebuggerPresent
VirtualAlloc
OpenMutexA
SetLastError
TlsFree
GetDateFormatA
HeapSize
WriteConsoleW
SetFilePointer
GetCurrentThreadId
FileTimeToLocalFileTime
InterlockedExchange
LoadLibraryA
HeapCreate
GetStartupInfoW
GetStdHandle
SetComputerNameW
GetPriorityClass
GetEnvironmentStringsW
EnumSystemLocalesA
InterlockedIncrement
lstrcmpi
GetModuleHandleW
CloseHandle
DebugActiveProcess
GetConsoleOutputCP
SetStdHandle
GetConsoleTitleA
CompareStringW
GetSystemTimeAsFileTime
CreateProcessW
GetModuleFileNameW
OpenFile
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
FreeLibrary
ConvertDefaultLocale
InitializeCriticalSectionAndSpinCount
GetCommandLineW
GetCurrentThread
SetHandleCount
DeleteAtom
DeleteCriticalSection
WriteFile
CreateWaitableTimerW
GetModuleFileNameA
LCMapStringA
GetCurrentProcessId
GetLocaleInfoW
LeaveCriticalSection
LCMapStringW

user32

GetDlgItemTextW
SendNotifyMessageA
PtInRect
DefWindowProcW
GetDlgItem
GetClassNameW
CharPrevW
RegisterClassA
wvsprintfA
CreateWindowExW
RegisterClassExA
SetMessageQueue
GetForegroundWindow
LoadMenuIndirectA
GetCapture
CheckMenuRadioItem
InSendMessage
SetWindowRgn
GetMessageA
PaintDesktop
RealGetWindowClass
DestroyWindow
EnumThreadWindows
ShowWindow
ChangeMenuW
DdeFreeStringHandle
LoadBitmapW
DestroyMenu
SetWindowLongW
LoadMenuIndirectW
CallMsgFilterW
SetMessageExtraInfo
IsCharAlphaNumericA
ShowWindowAsync
SetShellWindow
CreateDesktopA
MessageBoxW
UnpackDDElParam
PostQuitMessage

comctl32

DrawStatusText
MakeDragList
ImageList_GetIcon
ImageList_GetFlags
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_DragLeave
GetEffectiveClientRect
InitMUILanguage
DestroyPropertySheetPage
ImageList_GetDragImage
ImageList_SetFlags
ImageList_Read
CreateStatusWindowA
ImageList_SetOverlayImage
ImageList_DrawIndirect
ImageList_LoadImageW

gdi32

PolyBezierTo
ColorMatchToTarget
GetDeviceCaps
LPtoDP
PathToRegion
GetCharABCWidthsFloatA
GetBoundsRect
UnrealizeObject
GetBitmapBits
GetGlyphOutlineA
CreateRectRgnIndirect
GetWinMetaFileBits
CreateDCW
EnumMetaFile
SetMetaRgn

shell32

RealShellExecuteW
SHGetSpecialFolderLocation
ExtractIconA

wininet

InternetSetCookieW
DeleteUrlCacheContainerA
SetUrlCacheEntryInfoA
InternetAutodialHangup
HttpAddRequestHeadersW
UrlZonesDetach

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

152ac39ff164db6bbb3f8777fafa87ad

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

gdi32

shell32

wininet

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 116KB - Virtual size: 139KB

.rsrc Size: 60KB - Virtual size: 58KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 116KB - Virtual size: 139KB

.rsrc
Size: 60KB - Virtual size: 58KB