cd39f186ce850203533c375380d84a3d

Sharing

Copy URL Twitter E-mail

General

Target

cd39f186ce850203533c375380d84a3d
Size

255KB
MD5

cd39f186ce850203533c375380d84a3d
SHA1

2bebe361502cd63688df491d50c3614ce9c53aa3
SHA256

18d2d568299099772f604ba95236056583226b465224eb67a9b17cb32d54addf
SHA512

9afd217ad7eb52de6c4bf2937d237ff140c52c2110c027016da211973f46ed14ff50c0dab496f97f2f0988ca586a8beb7d0b1b660ed5e233a2b4a8d0d3045653
SSDEEP

6144:E/ikzLC0rHiD5hZUMN/I0ow/L/Z1OhKmJtFUykHi:EquLC0rHiVPxI0ZL/rmJtCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd39f186ce850203533c375380d84a3d

Files

cd39f186ce850203533c375380d84a3d
.exe windows:4 windows x86 arch:x86

86152d3d1e34033b4621bc3b146730fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
CreatePropertySheetPageW

advapi32

RegEnumKeyExA
GetServiceDisplayNameW
RegQueryInfoKeyA
CryptGetKeyParam
EqualSid
CreateProcessAsUserW
RegUnLoadKeyW
OpenSCManagerW
InitiateSystemShutdownW
LookupPrivilegeValueW
RegDeleteValueA
CloseEventLog
ImpersonateLoggedOnUser
RegGetKeySecurity
RegDeleteKeyW
GetUserNameW
GetFileSecurityA
RegQueryValueExA
DeregisterEventSource

oleaut32

VariantChangeType
QueryPathOfRegTypeLi
SafeArrayUnaccessData
SafeArrayGetLBound
SysFreeString
SetErrorInfo

version

GetFileVersionInfoA

user32

ShowWindow
EnumDisplaySettingsExW
GetClassNameA
CreateDialogIndirectParamA
SendDlgItemMessageA
ScrollWindow
GetKeyboardState
GetClassLongW
ModifyMenuA
SetDlgItemTextW
GetWindowTextW
IsDialogMessageA
MsgWaitForMultipleObjects
SetWindowLongA
ReleaseDC
ClientToScreen
GetMessageA
SetUserObjectSecurity
GetAncestor
SetPropA
OemKeyScan
CreateCursor
SetProcessWindowStation
GetUpdateRgn
GetClipboardViewer
EnumWindows
SendInput
BeginDeferWindowPos
IntersectRect
SetLastErrorEx
GetMessagePos
GetMenuInfo
RegisterClassW
MessageBoxW
SetWindowLongW
CharLowerBuffW
GetSysColorBrush
LoadIconW
ToAscii
EnumDisplaySettingsExA
SetMenuDefaultItem
SwitchDesktop
AdjustWindowRect
GetClassInfoExA
IsCharAlphaW
DestroyAcceleratorTable
SetCaretBlinkTime
GetPropW
OemToCharA
InsertMenuItemW
GetWindowPlacement
UnregisterClassA
GetWindowTextLengthA
EnumWindowStationsW
EnumChildWindows
GetProcessWindowStation
AppendMenuW
ArrangeIconicWindows

ole32

OleFlushClipboard
CoUninitialize
CoDisconnectObject
CoMarshalInterThreadInterfaceInStream
ReadClassStg

kernel32

GetBinaryTypeA
SetConsoleActiveScreenBuffer
FindNextChangeNotification
GetTempPathW
GetPrivateProfileSectionW
GetSystemTime
FillConsoleOutputCharacterA
CreateDirectoryA
EnumDateFormatsW
LocalSize
IsBadReadPtr
GetSystemTimeAsFileTime
RemoveDirectoryW
EnumCalendarInfoA
LoadResource
SetupComm
GetCurrentProcessId
SetConsoleOutputCP
CreatePipe
CancelIo
GetFileType
GetFileAttributesA
CloseHandle
CompareStringW
UnhandledExceptionFilter
VirtualAllocEx
GetStartupInfoA
CreateDirectoryExA
EnumTimeFormatsW
LocalLock
FileTimeToLocalFileTime
GetEnvironmentStringsW
FlushFileBuffers
GetCommConfig
PurgeComm
FormatMessageW
GlobalUnlock
SetEnvironmentVariableW
GetHandleInformation
MoveFileExA
SetCommMask
SwitchToFiber
GlobalReAlloc
ReadDirectoryChangesW
Beep
GetEnvironmentVariableW
GlobalAddAtomA
EndUpdateResourceA
RaiseException
SuspendThread
ExpandEnvironmentStringsW
VirtualAlloc
lstrlenA
FindCloseChangeNotification
SetVolumeLabelA
EnumSystemCodePagesA
GetCompressedFileSizeW
SetProcessWorkingSetSize
VirtualFree
VirtualQuery
SetTimeZoneInformation
VirtualUnlock
SetNamedPipeHandleState
lstrcmpA
ReadConsoleA
lstrcmpiA
ReadFileScatter
EnumSystemCodePagesW
SetMailslotInfo
GetCPInfo
GetShortPathNameW
GetProfileStringA
ReleaseSemaphore
ScrollConsoleScreenBufferA
GetCurrentDirectoryW
_lopen
GetModuleHandleA
GetTimeZoneInformation
GetAtomNameA
FindFirstFileA
UnmapViewOfFile
FlushConsoleInputBuffer
GetLogicalDriveStringsA
SetFileTime
EraseTape
FreeLibrary
SetThreadAffinityMask
FreeEnvironmentStringsA
GlobalGetAtomNameW
GetStringTypeExW
GetTapeStatus
ReleaseMutex
LoadLibraryExW
SetCurrentDirectoryA
GenerateConsoleCtrlEvent
GetTickCount
LCMapStringA
SetConsoleMode

gdi32

GetTextCharsetInfo
GetClipRgn
SetEnhMetaFileBits
GetDCOrgEx
GetROP2
OffsetWindowOrgEx
CreateBitmapIndirect
CloseFigure
DeleteMetaFile
CreateCompatibleBitmap
GetRgnBox
StretchBlt
CreateFontIndirectW
SetBitmapDimensionEx
TextOutW
CreatePen
GetTextMetricsW
SetSystemPaletteUse
GetBitmapBits
OffsetViewportOrgEx
CreatePolyPolygonRgn

msvcrt

_controlfp
_except_handler3
__set_app_type
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_kbhit
_lseek
_fsopen
iswctype
_wstrdate
_mbsnbcnt
gmtime
tmpnam
wcstok
strtod
strncat
iswdigit
_write
_tempnam
_tzset
getchar
__p___argc
_waccess
strpbrk
_wgetenv
_wremove
_flushall
isleadbyte
_stat
fclose
fgetwc
_dup2
_ltoa
_wfreopen
_getcwd
_getmbcp
_fileno
_snprintf
_exit
fwprintf
_fstat
__p__commode
__p__fmode
_adjust_fdiv

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86152d3d1e34033b4621bc3b146730fb

Headers

File Characteristics

Imports

comctl32

advapi32

oleaut32

version

user32

ole32

kernel32

gdi32

msvcrt

Sections

.text Size: 192KB - Virtual size: 192KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 55KB - Virtual size: 54KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 55KB - Virtual size: 54KB