cc6299ee573aac8edc6ada185aa31a71

Sharing

Copy URL Twitter E-mail

General

Target

cc6299ee573aac8edc6ada185aa31a71
Size

108KB
MD5

cc6299ee573aac8edc6ada185aa31a71
SHA1

9e3f892d521b3925bb15c9ae48c6c767cbd56126
SHA256

c248fd78de320221b6118adc7e8980a2765a8d03cd6996a28893928333243764
SHA512

acf4b605dac38b278bf8bbef2fea97ad40812e3498c5f1e28ec8fcc0100340f3a795957f38e989c4e6fdd9f41ff75a30fbc92ed8516874dbc408458090a39182
SSDEEP

1536:n56ZH/EKOHaVUFhfEy5Xf72CW5nj2rTaM7rUtXZtnm:sZOiwLW57M7Itp5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc6299ee573aac8edc6ada185aa31a71

Files

cc6299ee573aac8edc6ada185aa31a71
.dll windows:4 windows x86 arch:x86

a602961b7ccb40123363e77ffd23412c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

PostMessageA
IsWindow
GetTopWindow
PostThreadMessageA
GetWindowThreadProcessId
EnumWindows

kernel32

GetThreadLocale
FlushFileBuffers
TerminateProcess
OpenFileMappingA
MapViewOfFile
GetWindowsDirectoryA
UnmapViewOfFile
GetSystemDirectoryA
GetCommandLineA
GetModuleHandleA
OpenProcess
GetLastError
WaitForSingleObject
Sleep
GetVersionExA
CloseHandle
GetVersion
LoadLibraryA
HeapFree
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
WriteFile
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
InitializeCriticalSection
GetProcessHeap
GetModuleFileNameA
CreateFileA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapSize
InterlockedExchange
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

oleaut32

VariantChangeType
VariantInit

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

KillNDrv
KillRU

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a602961b7ccb40123363e77ffd23412c

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 34KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 34KB

.reloc
Size: 8KB - Virtual size: 7KB