cce5ee6553efb2b90ed625f82d912b30

Sharing

Copy URL

Twitter E-mail

General

Target

cce5ee6553efb2b90ed625f82d912b30
Size

640KB
MD5

cce5ee6553efb2b90ed625f82d912b30
SHA1

bc9c8343132a4e337db4febc6a9cbfee5c677ba8
SHA256

a4b376554b86b6c553cf0884263b2ea55709925681e2f2a80bf8b71597ae0f6c
SHA512

b5646477ecab2bc371be50a0234261907b516b8dc152e77a62818630714b6149b736755bab3ac7f077313f4633e07f1b8ff23e2352f907f917229620dbcd0a70
SSDEEP

12288:dnQf4DDgFlD01vPWjLUtOQ620Jd8S39Memjqtz1oMmpBtDdSwsPIsy6ITNyKls/d:5Qf4DEFlD0dP3GRm+tz1w9sws06IV0P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cce5ee6553efb2b90ed625f82d912b30

Files

cce5ee6553efb2b90ed625f82d912b30
.exe windows:4 windows x86 arch:x86

a1a0deef8222736b369f3fb5bd174378

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\uldeeu\xgh\usofge.PDB

Imports

kernel32

FindNextChangeNotification
SetStdHandle
TlsSetValue
LocalSize
GetStringTypeW
GetModuleFileNameA
TlsGetValue
GetConsoleMode
GetCompressedFileSizeW
lstrlen
WriteFile
Sleep
FillConsoleOutputAttribute
SetCurrentDirectoryW
TlsAlloc
GetSystemTimeAsFileTime
GetTempFileNameA
GetDriveTypeW
FlushFileBuffers
GetDateFormatW
QueryPerformanceCounter
OpenWaitableTimerA
GetCalendarInfoW
GetFileType
FreeEnvironmentStringsA
TryEnterCriticalSection
AddAtomW
GetProfileSectionW
GetTimeFormatA
GlobalFindAtomW
EnterCriticalSection
HeapAlloc
ReleaseMutex
VirtualFree
CreateProcessA
EnumSystemLocalesA
GetLocaleInfoW
GetCurrentThreadId
EnumDateFormatsA
GetVersionExA
CreateDirectoryExA
SetUnhandledExceptionFilter
VirtualQuery
ExpandEnvironmentStringsA
CompareStringA
DeleteCriticalSection
GetUserDefaultLCID
GetCurrentThread
UnlockFile
GetEnvironmentVariableW
OpenFileMappingA
WaitCommEvent
FreeLibrary
LoadLibraryExA
GetTickCount
HeapReAlloc
GetConsoleCP
GetCurrentProcessId
HeapDestroy
CloseHandle
GetCurrencyFormatW
InterlockedIncrement
GetStartupInfoW
DeleteAtom
GetCommandLineW
ExpandEnvironmentStringsW
LoadLibraryA
IsValidLocale
DeleteFiber
SetConsoleMode
GlobalAddAtomW
CommConfigDialogA
WriteProfileSectionA
SetLastError
EnumResourceLanguagesW
VirtualLock
LeaveCriticalSection
SetFilePointer
CreateDirectoryExW
IsValidCodePage
SetEnvironmentVariableA
GetModuleFileNameW
FindNextFileW
GetCommandLineA
GlobalFindAtomA
OpenFileMappingW
FindClose
GetProfileIntW
WideCharToMultiByte
ReadFile
GetAtomNameA
OpenMutexA
GetLongPathNameW
HeapFree
HeapLock
SetConsoleCtrlHandler
MultiByteToWideChar
OpenSemaphoreA
GetACP
GetCPInfo
RtlUnwind
ExitProcess
GetDateFormatA
GetVolumeInformationA
WritePrivateProfileStructW
WriteConsoleInputA
TransactNamedPipe
GetLastError
ConnectNamedPipe
WriteConsoleW
GetProcAddress
UnhandledExceptionFilter
HeapCreate
InterlockedExchange
GetStdHandle
GetStartupInfoA
InitializeCriticalSection
GetProcessHeap
GetSystemTimeAdjustment
InterlockedDecrement
SetHandleCount
HeapSize
GetConsoleOutputCP
LCMapStringA
lstrcpyA
EnumTimeFormatsW
GetTimeZoneInformation
GetCurrentProcess
SetConsoleScreenBufferSize
ReadConsoleInputA
GlobalAlloc
TlsFree
GetSystemInfo
GetEnvironmentStringsW
LCMapStringW
TerminateProcess
CreateFileA
VirtualAlloc
CreateMutexA
CreateWaitableTimerW
CompareStringW
GetEnvironmentStrings
WriteConsoleA
GetLocaleInfoA
GetOEMCP
GetNumberFormatW
GetStringTypeA
FreeEnvironmentStringsW
InterlockedExchangeAdd
IsDebuggerPresent
GetModuleHandleA

shell32

DragAcceptFiles
RealShellExecuteExA
InternalExtractIconListA

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_Copy
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_SetFlags
ImageList_LoadImageA

user32

SetClassLongA
RegisterClassA
CreateWindowExA
RegisterClipboardFormatA
RealGetWindowClass
CharNextExA
GetKeyboardType
CreateMenu
LoadAcceleratorsW
DdeCreateDataHandle
IsWindowVisible
SetCursorPos
CharPrevA
OpenWindowStationW
RegisterClassExA
GetDialogBaseUnits
GetDlgItemTextW
GetCursorPos
DdeReconnect
CharPrevW
WindowFromDC
PostMessageA
GetWindowTextW
GetComboBoxInfo
DestroyWindow
CreateIconFromResource
IsCharUpperW
DdeCmpStringHandles
IsCharAlphaNumericA
MessageBoxA
GetWindowLongA
GetLastActivePopup
GetMenuContextHelpId
DdeAccessData
SendDlgItemMessageA
IsCharLowerW
GetMenuCheckMarkDimensions
ValidateRgn
CreateDialogParamA
MapDialogRect
SetWindowTextW
InsertMenuA
WINNLSGetIMEHotkey
OpenDesktopA
SendIMEMessageExW
IsCharAlphaA
DdeNameService
CopyAcceleratorTableW
ShowWindow
ChangeDisplaySettingsA
GetKeyNameTextW
LoadCursorFromFileW
CheckMenuRadioItem
SendMessageTimeoutA
GetGuiResources
CharPrevExA
GetClipboardFormatNameW
DdePostAdvise
DefWindowProcW
LoadKeyboardLayoutA
GetTitleBarInfo
SetClassLongW
OpenWindowStationA
FlashWindowEx
ReleaseDC

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1a0deef8222736b369f3fb5bd174378

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

comctl32

user32

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 112KB - Virtual size: 126KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 112KB - Virtual size: 126KB

.rsrc
Size: 24KB - Virtual size: 21KB