cd4053a2e66cf5a6de9dd9789295c338

Sharing

Copy URL Twitter E-mail

General

Target

cd4053a2e66cf5a6de9dd9789295c338
Size

65KB
MD5

cd4053a2e66cf5a6de9dd9789295c338
SHA1

a1d17c725b230d3bfc85bcbc7a9fab0d60bee274
SHA256

287e333c419ff545968a35cf52d8ea7f610eb402f20a53ac1a20774a994a716a
SHA512

4c0ba6701162182a84946a1d1629e4ea7cebab7f834440fa5f5501b25adb863de820d49ee73f94b6f95057f7efa3adf1c006c7973aeff1702a545e4bb09a976f
SSDEEP

1536:vFMDkjboaSRF6gMnpDAaY5HVCOVVIJwHJptOXHqGGWikA/wfNnmz8:9MwjPSRF6VpvsVYaDeDnm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd4053a2e66cf5a6de9dd9789295c338

Files

cd4053a2e66cf5a6de9dd9789295c338
.dll windows:4 windows x86 arch:x86

2c6ff5940886f34ad02c1f65cc710990

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
GetACP
GetCommandLineA
GetLastError
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
InterlockedIncrement
RtlUnwind
SetLastError
UnmapViewOfFile
lstrcatA
lstrcmpiA

advapi32

RegCloseKey
RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA

wininet

InternetWriteFile
InternetSetStatusCallbackA
InternetSetOptionExA
InternetSetFilePointer
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA

user32

SetFocus
RegisterClassA
MessageBoxA
LoadCursorFromFileA
EndDeferWindowPos
DrawStateA
DrawMenuBar
ActivateKeyboardLayout
CreateMDIWindowA
CreateDesktopW
CreateDesktopA

shell32

SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteExW
SHGetFileInfoA

shlwapi

PathQuoteSpacesA
StrChrA
PathMatchSpecA
PathCompactPathExA
PathIsRootA

imm32

ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetContext

msvcrt

rand
_except_handler3
sprintf
strcmp
strlen
strstr
free
getenv
vsprintf

Exports

Exports

Nvsuct
Yvbcvbnmrnn

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c6ff5940886f34ad02c1f65cc710990

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

shell32

shlwapi

imm32

msvcrt

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 24KB

.rdata Size: 22KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 12KB

.text
Size: 23KB - Virtual size: 24KB

.rdata
Size: 22KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 12KB