cd1711dda4b88eb09058c0c993af9d4b

Sharing

Copy URL Twitter E-mail

General

Target

cd1711dda4b88eb09058c0c993af9d4b
Size

499KB
MD5

cd1711dda4b88eb09058c0c993af9d4b
SHA1

21a964f0f29a8754b6545f273e5408ea1daa18c2
SHA256

50c94891b8ecabe1d390614fc86ed090b1c72ae9a48430ae2804806b98b87e2c
SHA512

8837b047688cc5e35396093e03bf22e64ac3812bef9385a4da5d5a52d7dfce8bee96c58f12e02834a53faf61e8057704b6053f7f51ef790b0a28cc53d2088b40
SSDEEP

12288:CnhXlxAt1/CZCn0jbrpjM5y+49oY0L/1VcRr080Etj:CnVlSb/hn0HdjM5y+49V0j1VeDHt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd1711dda4b88eb09058c0c993af9d4b

Files

cd1711dda4b88eb09058c0c993af9d4b
.exe windows:4 windows x86 arch:x86

a20a998eace2cc041a0c6bbd5c665bcf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_Create
ImageList_ReplaceIcon
InitCommonControls
PropertySheetA

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
ExtCreatePen
GetDeviceCaps
GetObjectType
GetPixel
GetStockObject
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
Rectangle
SelectObject
SetBkMode
SetPixel
SetTextColor

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateRemoteThread
CreateSemaphoreA
CreateThread
DeleteFileA
DuplicateHandle
ExitProcess
ExitThread
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetAtomNameA
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetExitCodeThread
GetFileSize
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetTempFileNameA
GetTempPathA
GetThreadContext
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
LoadResource
LocalFree
LockResource
MapViewOfFile
MulDiv
OpenProcess
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
ResumeThread
SearchPathA
SetEvent
SetLastError
SetUnhandledExceptionFilter
SignalObjectAndWait
SizeofResource
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualProtectEx
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
WriteProcessMemory

mingwm10

__mingwthr_key_dtor

msvcrt

_fdopen
_fileno
_isatty
_itoa
_strdup
_stricmp
_strnicmp
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_ctype
_errno
_fileno
_iob
_isctype
_onexit
_pctype
_setmode
_vsnprintf
abort
atexit
atoi
fclose
fflush
fopen
fprintf
fread
free
fseek
ftell
fwrite
getc
getenv
localeconv
malloc
memchr
memcpy
memmove
memset
printf
realloc
setlocale
setvbuf
signal
sprintf
strcat
strchr
strcmp
strcoll
strcpy
strftime
strlen
strncat
strncmp
strncpy
strrchr
strtod
strtok
strtol
strtoul
strxfrm
ungetc

ole32

CoCreateInstance
CoInitialize
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes

olepro32

OleLoadPicture

shell32

ExtractIconExA
ShellExecuteA
Shell_NotifyIconA

user32

AdjustWindowRectEx
AppendMenuA
BeginPaint
CheckDlgButton
CheckMenuItem
CheckRadioButton
ClientToScreen
CopyImage
CreateCaret
CreateIconIndirect
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DragDetect
DrawIconEx
DrawTextA
DrawTextExA
EnableWindow
EndDialog
EndPaint
EnumWindows
FillRect
FindWindowA
FindWindowExA
FrameRect
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetMenuItemCount
GetMenuItemInfoA
GetMessageA
GetParent
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetWindow
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
HideCaret
InsertMenuA
InsertMenuItemA
InvalidateRect
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
LoadStringA
MapVirtualKeyA
MessageBeep
MessageBoxA
MoveWindow
OpenIcon
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterClassExA
RegisterHotKey
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
SendDlgItemMessageA
SendMessageA
SendMessageTimeoutA
SetCapture
SetCaretPos
SetClassLongA
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetSysColors
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowCaret
ShowOwnedPopups
ShowWindow
ShowWindowAsync
SystemParametersInfoA
TrackMouseEvent
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UnregisterHotKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bkav.plp
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a20a998eace2cc041a0c6bbd5c665bcf

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

mingwm10

msvcrt

ole32

olepro32

shell32

user32

version

Sections

.text Size: 395KB - Virtual size: 394KB

.data Size: 7KB - Virtual size: 7KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 20KB

.idata Size: 9KB - Virtual size: 9KB

bkav.plp Size: 62KB - Virtual size: 62KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 395KB - Virtual size: 394KB

.data
Size: 7KB - Virtual size: 7KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 20KB

.idata
Size: 9KB - Virtual size: 9KB

bkav.plp
Size: 62KB - Virtual size: 62KB

.rsrc
Size: 18KB - Virtual size: 18KB