cd6574a2e25afe0e92e6bf3ede843981

Sharing

Copy URL Twitter E-mail

General

Target

cd6574a2e25afe0e92e6bf3ede843981
Size

475KB
MD5

cd6574a2e25afe0e92e6bf3ede843981
SHA1

8ae71c53ac3f3af74a9137f9e5d72d8c41584511
SHA256

ba5610e134fc3df6063777fbaab80cf53377ee3e267615f47a30efe1e9628a5f
SHA512

89a27db396244d51171737fac01627f15573fbab4088b4ad5b08bab6a5241aeb49e1fc7aeca3a73b150f606cc7062ccf6913e9ced2a6a97fffc3fddd636c71e0
SSDEEP

12288:sbW5bHmh7hctP8TBzVRHRmeSUkwDxnKXUpAI9snzNGj:pyh7hU2B/HRmfUpl9s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd6574a2e25afe0e92e6bf3ede843981

Files

cd6574a2e25afe0e92e6bf3ede843981
.exe windows:4 windows x86 arch:x86

d8f2c3a9e603d0e00728984d206f48f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
CompareStringW
IsValidLocale
GetSystemDirectoryW
RtlUnwind
GetStringTypeW
GetTempFileNameA
GetCurrentProcess
GetOEMCP
VirtualAlloc
LeaveCriticalSection
IsDebuggerPresent
HeapReAlloc
GetLocaleInfoA
GetPrivateProfileIntW
GetLastError
FreeLibrary
LCMapStringW
GetModuleFileNameA
GetCPInfo
GetStringTypeA
ExitProcess
GetDateFormatA
GetStdHandle
GetUserDefaultLCID
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
FreeEnvironmentStringsW
HeapSize
QueryPerformanceCounter
TlsSetValue
SetHandleCount
SetWaitableTimer
SetEnvironmentVariableA
TlsAlloc
EnumSystemLocalesA
HeapAlloc
GetModuleFileNameW
HeapFree
GetLogicalDriveStringsW
MultiByteToWideChar
GetCurrentProcessId
GetTimeFormatW
GetTimeFormatA
GetStartupInfoW
SetUnhandledExceptionFilter
HeapDestroy
EnterCriticalSection
GetEnvironmentStringsW
GetTimeZoneInformation
GetACP
WideCharToMultiByte
SetLastError
CreateFileW
SetThreadContext
GetModuleHandleA
WriteFile
VirtualFree
AllocConsole
WaitForMultipleObjectsEx
SetConsoleCtrlHandler
GlobalAddAtomA
ConnectNamedPipe
DeleteCriticalSection
HeapCreate
GetProcAddress
GetFileType
GetLocaleInfoW
CompareStringA
IsValidCodePage
InterlockedExchange
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
GetModuleHandleW
VirtualQuery
TlsFree
Sleep
ReadConsoleOutputA
LCMapStringA
GetCurrentThreadId
InterlockedDecrement
TlsGetValue
TerminateProcess
GetCurrentThread
InterlockedIncrement
GetPrivateProfileStringW

gdi32

AnimatePalette
GetMetaFileA
DPtoLP
SetDIBColorTable
GetCurrentPositionEx
GetRegionData
ExtCreateRegion
GetWindowExtEx
Chord
ExtCreatePen
LineTo
SetBitmapDimensionEx
CreateHatchBrush
CreateBitmap
PolyPolyline

comdlg32

ChooseColorW
LoadAlterBitmap
ReplaceTextW
FindTextW
PageSetupDlgW
ChooseFontA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f2c3a9e603d0e00728984d206f48f2

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 195KB - Virtual size: 194KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 195KB - Virtual size: 194KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 1KB - Virtual size: 1KB