ccb8935910158444d8802aef6bd0307e

Sharing

Copy URL Twitter E-mail

General

Target

ccb8935910158444d8802aef6bd0307e
Size

447KB
MD5

ccb8935910158444d8802aef6bd0307e
SHA1

8a901d04404b313f87934f2fee436323ba15620f
SHA256

6f46247501e69d9b1edfa887052f52922cd77c8c1c1a120ca843fc5f6a13b3bc
SHA512

51152e7ed36cd807a9416d017d367de278b6947959a027b9d583877df8aeb28c8ceeaac399871e569f0dea235a7632a897619291bbda538c492e5dbbbbe24857
SSDEEP

12288:NnuHeKkQ8UbsvqdMhkL/ORNxoEvPda2+5RvEIZcC4gN:NpKREqdM6L2RN/E2+9Zb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccb8935910158444d8802aef6bd0307e

Files

ccb8935910158444d8802aef6bd0307e
.exe windows:4 windows x86 arch:x86

1dee7c0c87c34f3addae5fb948776778

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCombineUrlW
InternetDial
RetrieveUrlCacheEntryStreamW
InternetOpenW
InternetTimeToSystemTimeW
CommitUrlCacheEntryW
DeleteIE3Cache
GopherGetLocatorTypeW
FreeUrlCacheSpaceA

user32

SetWindowsHookExW
GetKeyboardLayoutNameW
SetScrollRange

kernel32

GetVersionExW
TlsGetValue
GetTimeFormatA
GlobalFix
GetProcessHeap
GetStringTypeW
Sleep
LCMapStringW
WideCharToMultiByte
GetCurrentThread
GetCommandLineA
GetCurrentProcess
FreeEnvironmentStringsW
GetCommandLineW
EnumSystemLocalesA
InterlockedIncrement
CreateToolhelp32Snapshot
VirtualQuery
LocalShrink
GetProcAddress
GetFileTime
FormatMessageW
GetStdHandle
HeapAlloc
InterlockedDecrement
SetEnvironmentVariableA
VirtualFree
EnumCalendarInfoA
MultiByteToWideChar
GetLocaleInfoA
GetModuleHandleA
UnhandledExceptionFilter
SetEnvironmentVariableW
TerminateProcess
FreeLibrary
GlobalCompact
VirtualAlloc
GetDateFormatA
InterlockedExchange
GetLocaleInfoW
HeapReAlloc
WriteFile
GetLogicalDriveStringsW
TlsSetValue
OpenFileMappingW
GetCurrentThreadId
DeleteCriticalSection
IsDebuggerPresent
GetOEMCP
WriteProfileStringA
WriteConsoleOutputCharacterA
CompareStringW
UnlockFileEx
IsValidCodePage
GetModuleFileNameA
EnterCriticalSection
SetHandleCount
LCMapStringA
GetStartupInfoA
SetLastError
SetComputerNameA
GlobalUnlock
GetVersionExA
GetStartupInfoW
HeapDestroy
GetModuleFileNameW
QueryPerformanceCounter
GetUserDefaultLCID
FreeEnvironmentStringsA
SetConsoleCtrlHandler
TlsFree
LoadLibraryA
IsValidLocale
GetACP
GetTickCount
GetCurrentProcessId
TlsAlloc
InitializeCriticalSection
CompareStringA
HeapFree
GetThreadPriority
HeapSize
GetTimeZoneInformation
ExitProcess
GetLastError
LeaveCriticalSection
HeapCreate
GetEnvironmentStrings
GetCPInfo
GetFileType
GetSystemTimeAsFileTime
WaitForDebugEvent
RtlUnwind
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetStringTypeA

gdi32

EnumFontFamiliesExA
SetDeviceGammaRamp
GetEnhMetaFileA

comdlg32

PrintDlgA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dee7c0c87c34f3addae5fb948776778

Headers

File Characteristics

Imports

wininet

user32

kernel32

gdi32

comdlg32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 9KB - Virtual size: 20KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 9KB - Virtual size: 20KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 3KB - Virtual size: 3KB