ccaaece5887497103f73ee8f001e8986

General

Target

ccaaece5887497103f73ee8f001e8986
Size

32KB
MD5

ccaaece5887497103f73ee8f001e8986
SHA1

1a083ecfe0b06387fb2b1e833321e3dceafb7fac
SHA256

041b285c25d42ceed6bd6e6ec26d98b544141b66b75ba53dcd66d4b2e69cc526
SHA512

b906ad3cb4a7a97447476e8c7fe34900a265e914ad4bd5f1c3c7ca88412d5336f45b69e8585731f18ec368d623e3eacfb891b973c8e998394a9d54536111348f
SSDEEP

384:tDmjo5HUHOVHWB1NYMMl1/GX95zKJmJMRIpCyFh+F86dlqJ4n:9HUHONRMMl1uX95zARwbWtKJ4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccaaece5887497103f73ee8f001e8986

Files

ccaaece5887497103f73ee8f001e8986
.dll windows:4 windows x86 arch:x86

b94ec8184121fa6fe1c2fba6ee34d5d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BeginUpdateResourceW
CreateFileW
CreateIoCompletionPort
DefineDosDeviceW
EnumCalendarInfoExA
EnumDateFormatsA
ExitProcess
FindAtomW
GetCommandLineA
GetFileAttributesA
GetLogicalDriveStringsW
GetPrivateProfileIntW
GetProcessVersion
LoadLibraryExA
PurgeComm
ReadFileEx
SetStdHandle
SetTapePosition
SetThreadIdealProcessor
TransmitCommChar
UnlockFileEx
VirtualFreeEx
WaitCommEvent
lstrcpynA

advapi32

AddAccessDeniedAce
AdjustTokenPrivileges
CryptEnumProviderTypesA
CryptGenKey
CryptGenRandom
CryptSetProviderA
CryptVerifySignatureW
GetServiceKeyNameW
GetTrusteeTypeW
LockServiceDatabase
LookupAccountNameA
LookupPrivilegeNameW
LookupPrivilegeValueW
OpenServiceW
RegCreateKeyExW
RegCreateKeyW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegisterServiceCtrlHandlerW
SetEntriesInAccessListW
SetNamedSecurityInfoExA

user32

CharPrevExA
ChildWindowFromPoint
DdeQueryConvInfo
DdeUninitialize
DialogBoxIndirectParamA
DispatchMessageA
DlgDirListComboBoxA
DlgDirSelectExW
DrawTextExA
EnumDesktopsW
GetFocus
GetGUIThreadInfo
GetMessageW
GetParent
LoadCursorFromFileW
MessageBoxExA
MessageBoxIndirectW
RealChildWindowFromPoint
SendMessageW
TranslateAcceleratorA

Exports

Exports

Update

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b94ec8184121fa6fe1c2fba6ee34d5d9

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 8KB

.data Size: 24KB - Virtual size: 36KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 8KB

.data
Size: 24KB - Virtual size: 36KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 16KB