cc5ffaaa75d8135f4be905f9b79152ca

Sharing

Copy URL Twitter E-mail

General

Target

cc5ffaaa75d8135f4be905f9b79152ca
Size

464KB
MD5

cc5ffaaa75d8135f4be905f9b79152ca
SHA1

165a02e89801059a77e4b869342f7e1b9aaee091
SHA256

abd1c59facc15831e0d7daefb0dd84d954077cee74c14f43cc7c0544e43a3597
SHA512

9c8caeaabec23aaeb438be199437be4d45ce5c58396c60724a0cc2a301612d2393bb78861d56ecf989590e4d6bb07ee0027e503cae59fd5b34413d8e855a9284
SSDEEP

12288:zcRjEYRUMhWjXDw1DOT9H0PezI0eTFk0:AJhWjXcg9+SIxTFk0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc5ffaaa75d8135f4be905f9b79152ca

Files

cc5ffaaa75d8135f4be905f9b79152ca
.exe windows:4 windows x86 arch:x86

eb10fc5232193656e0ca5e2e9a386208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
FreeLibraryAndExitThread
LCMapStringW
GetSystemTimeAsFileTime
InterlockedExchange
ReadConsoleA
TlsGetValue
GetTickCount
ExitProcess
LeaveCriticalSection
OpenFile
HeapCreate
LoadLibraryA
UnlockFile
RtlUnwind
UnhandledExceptionFilter
CloseHandle
GetFileType
InterlockedIncrement
CompareStringW
GetCurrentThread
CreateMutexA
SetStdHandle
TerminateProcess
SetFilePointer
ReadConsoleOutputA
GetLocalTime
LCMapStringA
GetLastError
ConnectNamedPipe
GetEnvironmentStringsW
GetStringTypeW
WideCharToMultiByte
VirtualQuery
GetCurrentThreadId
GetStdHandle
FreeEnvironmentStringsW
GetSystemDefaultLCID
SetSystemTime
InitializeCriticalSection
QueryPerformanceCounter
GetStartupInfoA
WaitNamedPipeA
HeapFree
FindResourceA
FlushFileBuffers
GetCommandLineA
DeleteCriticalSection
GetModuleFileNameA
GetCurrentProcess
GetModuleHandleA
SetHandleCount
GetStringTypeA
GetOEMCP
IsBadWritePtr
WriteFile
HeapReAlloc
GetFileAttributesExW
TlsSetValue
CreateNamedPipeA
EnterCriticalSection
GetVersion
MultiByteToWideChar
HeapDestroy
GetThreadLocale
ReadFile
EnumCalendarInfoExW
GetSystemTime
GetACP
InterlockedDecrement
GetDiskFreeSpaceExA
LoadModule
TlsAlloc
VirtualAlloc
GetCPInfo
GetProcAddress
SetEnvironmentVariableA
HeapAlloc
VirtualFree
OpenMutexA
GetCurrentProcessId
GetPrivateProfileIntA
lstrcmpW
GetEnvironmentStrings
FreeEnvironmentStringsA
CompareStringA
GetLongPathNameW
GetTimeZoneInformation
TerminateThread
SetLastError
GetConsoleTitleW

user32

SetWindowWord
GetNextDlgTabItem
MapVirtualKeyA
GetCursor
SetThreadDesktop
CharLowerBuffA
DrawStateA
RegisterDeviceNotificationA
RegisterClassExA
CharPrevExA
MessageBoxW
GetWindowTextW
FindWindowW
ShowScrollBar
DrawTextExA
GetMonitorInfoA
UnionRect
RegisterClassA
CharNextExA
OpenDesktopA
EnumChildWindows
GetUserObjectInformationW
DrawTextW
UnregisterClassA
GetClipboardOwner
InsertMenuItemW

comdlg32

ReplaceTextW
ChooseFontA

comctl32

InitCommonControlsEx

advapi32

CryptDuplicateKey
RegSetValueA
CryptGetDefaultProviderW

gdi32

GetCharWidthFloatW

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb10fc5232193656e0ca5e2e9a386208

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

advapi32

gdi32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 5KB - Virtual size: 23KB

.data Size: 311KB - Virtual size: 310KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 5KB - Virtual size: 23KB

.data
Size: 311KB - Virtual size: 310KB

.rsrc
Size: 6KB - Virtual size: 5KB