cd47759ddaf8c55b5f5e4b670a1696f7

Sharing

Copy URL Twitter E-mail

General

Target

cd47759ddaf8c55b5f5e4b670a1696f7
Size

93KB
MD5

cd47759ddaf8c55b5f5e4b670a1696f7
SHA1

62cace453ba50958ca99287c3ba8c00c44062a65
SHA256

bf56932f8f9ad81cb75751bacdb1ceefdc08ecd0e03b25d307c40d5f782d51fc
SHA512

67a388e8eee0096cc8e9f3c55e621eb0db2e405c97c435c457210dbfe870a87022916a1b892a1af835d8acd42a01615649fc17580a710a7cf7af966159a5f385
SSDEEP

1536:8lLcX02mFtNQ6/97e4BZU2ThaQSwZyjeA0gXjvBBTaXU370x212l7:w2mFM69tUUEQXZQ4oBF370x2Ql7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd47759ddaf8c55b5f5e4b670a1696f7

Files

cd47759ddaf8c55b5f5e4b670a1696f7
.exe windows:4 windows x86 arch:x86

7cd86fd410020d92e3babdf171c15347

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
FindResourceExA
IsBadStringPtrA
IsBadReadPtr
WaitForSingleObject
TerminateProcess
CloseHandle
OpenProcess
GetProcessHeap
HeapAlloc
SetLastError
HeapFree
MoveFileExA
GetShortPathNameA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
CreateFileA
Sleep
lstrcatA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
MoveFileA
ReadFile
WriteFile
SetFilePointer
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
SystemTimeToFileTime
GetModuleHandleA
GetModuleFileNameA
GetTempPathA
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
SetEvent
CreateMutexA
ReleaseMutex
GetComputerNameA
SizeofResource
CopyFileA
RemoveDirectoryA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
SetCurrentDirectoryA
SetProcessPriorityBoost
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
MulDiv
GetTempFileNameA
HeapCreate
ExitProcess
GetCommandLineA
GetStartupInfoA
VirtualAlloc
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
IsBadWritePtr
GetCurrentProcess
GetOEMCP
GetCPInfo
LCMapStringA
VirtualFree
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
RtlUnwind
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetVersionExA
GetLastError
GetThreadLocale
CompareStringA
RaiseException
lstrlenW
InterlockedExchange
GetLocaleInfoA
GetACP
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
SetUnhandledExceptionFilter
CreateProcessA
IsBadCodePtr

user32

EndDialog
GetSysColor
DrawTextA
DialogBoxParamA
GetWindowTextA
GetWindowTextLengthA
ReleaseDC
GetDC
GetDlgItem
SendMessageA
SetWindowTextA
GetSystemMetrics
SetWindowPos
GetWindowRect
FindWindowA
PostMessageA
GetWindowThreadProcessId
EnumWindows
MessageBoxA

gdi32

SetBkMode
DeleteObject
CreateFontIndirectA
GetDeviceCaps
GetObjectA
SetTextColor

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetAclInformation
AddAce
InitializeAcl
CopySid
InitializeSid
GetSidLengthRequired
GetSidSubAuthority
IsValidSid
GetLengthSid
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetUserNameA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize
CLSIDFromProgID
CoCreateInstance

oleaut32

SysFreeString
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
SysAllocString

shlwapi

PathRenameExtensionA
PathRemoveBackslashA
PathRemoveFileSpecA
PathAddBackslashA
StrCatBuffA
StrToIntExA
StrToIntA
SHSetValueA
SHGetValueA
wvnsprintfA
PathStripPathA
PathRemoveExtensionA
SHDeleteKeyA

ws2_32

WSAStartup
closesocket
recv
send
getsockopt
__WSAFDIsSet
WSACleanup
WSAGetLastError
gethostbyname
ioctlsocket
socket
inet_addr
connect
htons
select

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cd86fd410020d92e3babdf171c15347

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB