cc407a3c234589c2ce10b9c1a2af91f8

Sharing

Copy URL Twitter E-mail

General

Target

cc407a3c234589c2ce10b9c1a2af91f8
Size

433KB
MD5

cc407a3c234589c2ce10b9c1a2af91f8
SHA1

6d821b55e8f416e3baa698fd725da6bf7e6997cc
SHA256

e6f381c85bbe55612135287110ce392fbff3dfe1f2a393e4a78466748075946f
SHA512

8bbd6b42157a15b76cb70bf284a59116ae7ba6703d88649f3e926c4b1c420dd6b26568550bf0626876ab6441bf43fe77e53959666b5f5d4123a4874b05735fb4
SSDEEP

6144:UOkwATv4umxmLbcXbJcpBXZDlShB9O8cybsM4PaTbsWvoUwaE4qy+z6E2eOKw5Mu:U54TdzM6bqUZohwS77pxwzA74dFD9vr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc407a3c234589c2ce10b9c1a2af91f8

Files

cc407a3c234589c2ce10b9c1a2af91f8
.exe windows:4 windows x86 arch:x86

3c5e3759c42105a8c47d3422f63e5b78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
HeapDestroy
lstrcmpiA
GetCommandLineA
GetCurrentProcessId
DeleteCriticalSection
GetCommandLineW
CompareStringW
GetSystemTimeAsFileTime
HeapReAlloc
LCMapStringA
HeapSize
GetLocaleInfoW
MoveFileA
VirtualAlloc
GetStringTypeW
GetConsoleTitleA
VirtualQuery
IsDebuggerPresent
IsValidLocale
GetCurrentThreadId
GetCPInfo
GetACP
VirtualFree
GetProcessHeap
QueryPerformanceCounter
RtlUnwind
Sleep
GetProcAddress
GetEnvironmentStrings
GetModuleHandleA
GetFileType
GetTimeFormatA
SetLastError
TlsAlloc
GetStartupInfoW
TerminateProcess
TlsGetValue
GetOEMCP
MultiByteToWideChar
EnumResourceLanguagesW
EnterCriticalSection
GetStdHandle
GetCurrentThread
HeapAlloc
FreeEnvironmentStringsA
FreeLibrary
GetUserDefaultLCID
EnumSystemLocalesA
SetCurrentDirectoryW
SetConsoleCtrlHandler
LCMapStringW
TlsSetValue
InitializeCriticalSection
HeapFree
GetEnvironmentStringsW
CompareStringA
IsValidCodePage
GetTimeZoneInformation
GetCurrentProcess
GetModuleFileNameW
GetStringTypeA
LoadLibraryA
SetHandleCount
GetLastError
SetEnvironmentVariableA
GetDateFormatA
UnhandledExceptionFilter
ExitProcess
HeapCreate
GetVersionExA
FreeEnvironmentStringsW
GetLocaleInfoA
GetStartupInfoA
GetTickCount
GetTimeFormatW
GetModuleFileNameA
InterlockedExchange
TlsFree
WideCharToMultiByte
InterlockedDecrement
LeaveCriticalSection
SetUnhandledExceptionFilter
InterlockedIncrement

comdlg32

GetFileTitleA

advapi32

RegQueryMultipleValuesA
RegOpenKeyA

gdi32

EnumFontsW
CloseMetaFile
SetWorldTransform
GetCharWidthW
ExtTextOutA
GetRegionData
GetTextMetricsW
GetTextFaceW
GetCharacterPlacementA
GetObjectType
CancelDC

wininet

IsHostInProxyBypassList

user32

GetCaretPos
CreateIcon
ArrangeIconicWindows
GetDialogBaseUnits
SetCaretPos
CreateDialogIndirectParamW
MenuItemFromPoint
EnumDisplaySettingsA
GetScrollBarInfo
DlgDirListW
InsertMenuItemA
SetProcessWindowStation
DlgDirListComboBoxA
RegisterClassExW
GrayStringA
CreateWindowExW
GetClassInfoW
SetScrollRange
SetFocus
DdeQueryConvInfo

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c5e3759c42105a8c47d3422f63e5b78

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

gdi32

wininet

user32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 9KB - Virtual size: 33KB

.data Size: 278KB - Virtual size: 278KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 9KB - Virtual size: 33KB

.data
Size: 278KB - Virtual size: 278KB

.rsrc
Size: 9KB - Virtual size: 8KB