cce8f3a8fd6538ef0f176883f5b4e733

Sharing

Copy URL Twitter E-mail

General

Target

cce8f3a8fd6538ef0f176883f5b4e733
Size

80KB
MD5

cce8f3a8fd6538ef0f176883f5b4e733
SHA1

71c73ac308a33463dcc5b93d05f958486997af2f
SHA256

876577205086626ad2ae996d0575dccd07715b2936d8895ae0960dad58aaad98
SHA512

cb65804e3af3a24889ccdaab0fbb4c93c9cb306e931e61cf5412bd5dc09b06a6bd8701798848d3ad4524e51daa3ef38758a1cd68d7a844290b2ca3a820db0334
SSDEEP

1536:k+pNmRPlYVEmuKyehUdYg2efSYX5N4H2:XOvmuBehUagPSY/4H2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cce8f3a8fd6538ef0f176883f5b4e733

Files

cce8f3a8fd6538ef0f176883f5b4e733
.dll windows:4 windows x86 arch:x86

608609cf241d3800173ef7b4995157c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
IsDBCSLeadByte
ResetEvent
SetConsoleCtrlHandler
CreateSemaphoreA
ReleaseSemaphore
InterlockedDecrement
SetEvent
InterlockedIncrement
GetCurrentThreadId
CreateEventA
InterlockedExchange
GetConsoleCP
GetConsoleOutputCP
GetVersionExA
OutputDebugStringA
GetModuleHandleA
GetProcessTimes
GetEnvironmentVariableA
CreateFileW
CreateFileA
GetSystemTime
SystemTimeToFileTime
SetFileTime
DeleteFileW
DeleteFileA
RemoveDirectoryW
RemoveDirectoryA
MoveFileW
MoveFileA
GetProcAddress
GetVersion
GetFullPathNameW
FindFirstFileW
FindNextFileW
FindNextFileA
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetFileType
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesExA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetLastError
SetEnvironmentVariableW
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
Sleep
FlushViewOfFile
SetFilePointer
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
GetSystemInfo
FindFirstFileA
FindClose
SetEndOfFile
LocalFree
GetFullPathNameA
LoadLibraryExA
FormatMessageA
FreeLibrary
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
CreateProcessA
CreatePipe
DuplicateHandle
GetCurrentProcess
GetStdHandle
GetLastError
CloseHandle
GetACP
GetLocaleInfoA
QueryPerformanceFrequency
CreateDirectoryW
QueryPerformanceCounter
CreateDirectoryA
ExitProcess

user32

wsprintfA
CharPrevA
LoadStringA

advapi32

RegLoadKeyA
RegFlushKey
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegConnectRegistryA
RegCloseKey
RegSetValueExA
RegQueryValueA
RegQueryValueExA
RegSaveKeyA
RegSetValueA
RegOpenKeyExA

Exports

Exports

ndsmghn

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

608609cf241d3800173ef7b4995157c2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 20KB - Virtual size: 16KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 618B

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 20KB - Virtual size: 16KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 618B