cf4e015eeabfd226f997a8aa258c3d97

Sharing

Copy URL

Twitter E-mail

General

Target

cf4e015eeabfd226f997a8aa258c3d97
Size

957KB
MD5

cf4e015eeabfd226f997a8aa258c3d97
SHA1

eb2c8d789ab2e2b4c12dff88f7553114ada1f054
SHA256

06104da8d17662bd405006269c9437f542e2291a8dfcc62b5a6821bcb3a9f645
SHA512

01283868f2887fcf2527d3cbaf2db860e010d1a77c6af7b409a7ebfc677cf3437c86b2dfeeda02ed316ef723cf3c0a3457aa977e1f3eea2f9d8f834f07dd8317
SSDEEP

24576:ypfCvc5/gdZWrtMEgXDHXnTy7ovzR9JzTooO8vx/O:yp6vc6ZW2EgTHXnTeoztGc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

cf4e015eeabfd226f997a8aa258c3d97

resource
cf4e015eeabfd226f997a8aa258c3d97

Files

cf4e015eeabfd226f997a8aa258c3d97
.exe windows:5 windows x86 arch:x86

a5399bc20cb9fcc7722c96f8838abe55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
WaitForSingleObject
OpenEventA
GlobalAddAtomA
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
GetProcessHeap
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
ExitProcess
FlushFileBuffers
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
ReadFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
InterlockedDecrement
GetCurrentThreadId
SetLastError
LoadLibraryA
LockResource
GetProcAddress
WriteFile
GlobalSize
lstrcpyA
GetLastError
GetFileSize
CreateFileA
HeapSize
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
GlobalFree
LocalFree
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapReAlloc
DeleteFileA
VirtualAlloc
VirtualFree
HeapCreate
DeleteCriticalSection
SetHandleCount
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateThread
CloseHandle
GetModuleHandleA
QueryPerformanceCounter
SetCurrentDirectoryA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetCommandLineA
GetModuleFileNameW
GetStdHandle
HeapFree
GetModuleHandleW
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
WriteConsoleW
GetFileType

user32

ShowWindow
DispatchMessageA
TranslateMessage
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItem
EnableWindow
GetCursorPos
LoadBitmapA
BeginPaint
CreateWindowExA
DefDlgProcA
CreateMenu
CreatePopupMenu
SetCapture
InvalidateRect
SetMenu
TrackPopupMenu
DestroyMenu
OpenClipboard
GetClipboardData
PostMessageA
CloseClipboard
GetSystemMenu
GetMenuState
EnumWindowStationsW
SetForegroundWindow
UnhookWindowsHookEx
LoadAcceleratorsA
IsClipboardFormatAvailable
EnableMenuItem
GetAncestor
GetWindowLongA
GetScrollBarInfo
SendMessageA
CopyImage
LoadImageA
GetWindowRect
DialogBoxParamA
GetShellWindow
SetDlgItemTextA
EndDialog
GetMessageA

gdi32

GetTextMetricsA
SetTextAlign
CreateFontW
CreateSolidBrush
GetStockObject
SelectObject
BitBlt
CreateFontIndirectA

comdlg32

GetOpenFileNameA

advapi32

UnregisterTraceGuids
SetEntriesInAclA
GetNamedSecurityInfoA
IsValidSecurityDescriptor
UpdateTraceA
SetNamedSecurityInfoA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CreateStreamOnHGlobal
CoInitializeSecurity
CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

CreateStdDispatch
OleLoadPicture
SysFreeString
SysAllocString
OleSavePictureFile

ws2_32

WSAGetLastError

avifil32

AVIBuildFilterA

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create

ntdsapi

DsMakeSpnA
DsMapSchemaGuidsA

tapi32

lineConfigDialogA
lineConfigDialogEditA

Exports

Exports

Pi

Sections

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5399bc20cb9fcc7722c96f8838abe55

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

avifil32

comctl32

ntdsapi

tapi32

Exports

Exports

Sections

.text Size: 291KB - Virtual size: 291KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 6KB - Virtual size: 16KB

.rsrc Size: 572KB - Virtual size: 571KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 291KB - Virtual size: 291KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 6KB - Virtual size: 16KB

.rsrc
Size: 572KB - Virtual size: 571KB

.reloc
Size: 12KB - Virtual size: 12KB