ccd262d64523e1036a9dea241c19aed3

Sharing

Copy URL Twitter E-mail

General

Target

ccd262d64523e1036a9dea241c19aed3
Size

140KB
MD5

ccd262d64523e1036a9dea241c19aed3
SHA1

1523d3cadac0b5acbf59e7145ae7223a0f76af15
SHA256

45ea306ae56e4c0f0ced1dff70b9443ae252056d1a88149f2cb4a2592571ebbb
SHA512

df14a16c641fa36ad5dd1383e16ec11a6623a7e1cabcac8fa318d5da177645c8b2539bbeedbdfec55b427b5fc377be181a23700338a4dff7e9d32f3436a72009
SSDEEP

3072:lFNGRO78zXwEYh/x2harx/XVFVjvidqQe+J:lFwROgMdhsharFFFVO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccd262d64523e1036a9dea241c19aed3

Files

ccd262d64523e1036a9dea241c19aed3
.exe windows:5 windows x86 arch:x86

86088826c2aa30aa09cd74060b55273f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
wprintf
wcsrchr
_wcsicmp
_wcsnicmp
iswalpha
towupper
towlower
wcschr
??2@YAPAXI@Z
??3@YAXPAX@Z
_iob
fputs
fputws

advapi32

RegCloseKey
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
AdjustTokenPrivileges

kernel32

lstrcpynW
LoadLibraryA
VirtualAlloc
lstrcmpW
lstrcpyW
lstrcmpiW
FreeLibrary
GetLastError
GetCurrentProcess
CloseHandle
FormatMessageW
LocalFree
GetProcAddress
LoadLibraryW
GetFullPathNameW
GetModuleHandleA
lstrlenW

setupapi

SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
SetupDiOpenDevRegKey
SetupDiGetDriverInfoDetailW
SetupDiDestroyDriverInfoList
SetupCloseFileQueue
SetupScanFileQueueW
SetupDiCallClassInstaller
SetupOpenFileQueue
SetupDiSetSelectedDriverW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiGetClassDescriptionExW
SetupDiClassNameFromGuidExW
SetupDiBuildClassInfoListExW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Connect_MachineW
CM_Free_Log_Conf_Handle
CM_Get_Next_Res_Des_Ex
CM_Free_Res_Des_Handle
CM_Get_Res_Des_Data_Size_Ex
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_Device_ID_ExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetClassDevsExW
SetupDiCreateDeviceInfoListExW
SetupDiClassGuidsFromNameExW
CM_Get_DevNode_Status_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_First_Log_Conf_Ex

user32

ExitWindowsEx
CharNextW
LoadStringW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86088826c2aa30aa09cd74060b55273f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

setupapi

user32

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 368B

.rsrc Size: 123KB - Virtual size: 122KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 368B

.rsrc
Size: 123KB - Virtual size: 122KB