Static task
static1
Behavioral task
behavioral1
Sample
ccee376dd5364216af9b2f92ae4dc429.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ccee376dd5364216af9b2f92ae4dc429.exe
Resource
win10v2004-20240226-en
General
Target
ccee376dd5364216af9b2f92ae4dc429
Size
503KB
MD5
ccee376dd5364216af9b2f92ae4dc429
SHA1
a6b9c9c9ce56012e2b6eeae1b70fab1d7b69c137
SHA256
9a4a06d84a5509c6ce026ffb894caa7d07e0da9ef23699da61e524fae9bdf215
SHA512
f3f076f500bc63addd1163e1021d39d3af07c23e1baf0d42705b20116045fa3d9b2e05afafe0391c8e4b5f08763e92b6fc040a04bf7de7097d9595261a060f61
SSDEEP
12288:EOSD+0jF2n48ogYwwBGZvOwGvuZxcaJXwrsJ8mEl:ID+kFZ8ouOvoxtArdmg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ccee376dd5364216af9b2f92ae4dc429
Files
ccee376dd5364216af9b2f92ae4dc429.exe windows:4 windows x86 arch:x86
e5a978d9b98f53f4784a656c91c6f8eb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
gdi32
CreatePen
RemoveFontResourceA
GetFontLanguageInfo
SetStretchBltMode
GetLogColorSpaceW
EndDoc
CreatePolygonRgn
FillRgn
DeleteColorSpace
PtInRegion
CloseEnhMetaFile
StrokePath
FillPath
GetCurrentPositionEx
GetColorSpace
GetGlyphOutlineW
SetBrushOrgEx
user32
GetCapture
CharLowerW
PostThreadMessageW
DialogBoxIndirectParamW
RegisterClassA
DlgDirListW
CharNextW
CascadeWindows
GetPriorityClipboardFormat
GetCursorPos
RegisterClassExA
OpenIcon
SetProcessWindowStation
GetMenuInfo
MonitorFromPoint
GetMenuBarInfo
InsertMenuItemW
SetActiveWindow
SetMenuContextHelpId
LoadCursorW
WINNLSGetEnableStatus
SystemParametersInfoW
GetDoubleClickTime
RemoveMenu
SetShellWindow
DdeReconnect
advapi32
RegSetValueA
LookupSecurityDescriptorPartsW
RegCloseKey
InitializeSecurityDescriptor
RegDeleteKeyW
CryptEnumProvidersW
DuplicateTokenEx
StartServiceA
CryptVerifySignatureW
RegQueryMultipleValuesA
RegRestoreKeyW
RegSetKeySecurity
CryptDestroyHash
CryptGenRandom
CryptGetUserKey
AbortSystemShutdownA
LookupAccountNameA
CryptGetProvParam
CryptCreateHash
CryptHashSessionKey
RegNotifyChangeKeyValue
RevertToSelf
RegSetValueExW
comdlg32
PageSetupDlgW
ChooseFontA
shell32
SHGetFileInfoA
ShellAboutW
DoEnvironmentSubstW
ExtractAssociatedIconExA
SHFreeNameMappings
kernel32
FreeLibraryAndExitThread
GetLastError
GetCurrentThreadId
GetTickCount
RtlUnwind
GetEnvironmentStrings
SetHandleCount
GetCPInfo
SetFilePointer
OpenMutexA
GetProcAddress
FreeEnvironmentStringsW
CloseHandle
GetFileType
ExitProcess
GetStartupInfoA
VirtualAlloc
LCMapStringW
IsValidLocale
CreateMutexA
GetLocaleInfoA
OpenWaitableTimerA
UnhandledExceptionFilter
LCMapStringA
DeleteCriticalSection
QueryPerformanceCounter
GetLocalTime
GetSystemTimeAsFileTime
VirtualQuery
GetTimeFormatA
GetVersionExA
WideCharToMultiByte
VirtualProtect
GetCurrentThread
GetStringTypeW
MultiByteToWideChar
GetACP
FreeEnvironmentStringsA
GetModuleFileNameA
TerminateProcess
LeaveCriticalSection
EnumSystemLocalesA
GetEnvironmentStringsW
GetDateFormatA
UnmapViewOfFile
InitializeCriticalSection
HeapCreate
HeapAlloc
LoadLibraryA
HeapDestroy
SetStdHandle
IsBadWritePtr
InterlockedExchange
EnterCriticalSection
GetLocaleInfoW
GetFileAttributesW
GlobalReAlloc
ReadFile
FlushFileBuffers
SetEnvironmentVariableA
HeapSize
GetCurrentProcess
CompareStringA
TlsGetValue
SetLastError
GetModuleHandleA
GetTimeZoneInformation
CompareStringW
VirtualFree
GetCurrentProcessId
TlsSetValue
HeapReAlloc
GetOEMCP
HeapFree
GetUserDefaultLCID
GetCommandLineA
IsValidCodePage
TlsAlloc
TlsFree
GetStdHandle
SetFileAttributesW
WriteFile
GetStringTypeA
GetSystemInfo
Sections
.text Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 314KB - Virtual size: 314KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ