cd8ff832888c545be41fd77f989f129c

Sharing

Copy URL Twitter E-mail

General

Target

cd8ff832888c545be41fd77f989f129c
Size

145KB
MD5

cd8ff832888c545be41fd77f989f129c
SHA1

3eb0880730e091980d692b17169f62d265fe779d
SHA256

47c1e22b1d7bed4b90cb1498617993536c7265ea1831fc3e5c86ad40424d5403
SHA512

4f4b7940794fb9c85efb6fddd438bb2d1dfd07e07f39bb2147acaa77355d99993eb2bb29557081533762cf815a2e48ab3801a0a8838cf7397e0b94ee0be76742
SSDEEP

3072:rGt7UgSBtPgF4W6tolMih5yGDFWdR4dvkAa:8f0h+Mih5yGDVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd8ff832888c545be41fd77f989f129c

Files

cd8ff832888c545be41fd77f989f129c
.exe windows:4 windows x86 arch:x86

c83efd2f132d685486484b7267611f69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageA
GetMenu
GetScrollInfo
CharLowerBuffA
TranslateMDISysAccel
DeleteMenu
GetDC
GetScrollPos
GetActiveWindow
PostMessageA
IsZoomed
GetMenuItemID
CreatePopupMenu
DestroyIcon
GetClassNameA
GetForegroundWindow
CloseClipboard
GetWindowTextLengthA
CharUpperBuffA
LoadKeyboardLayoutA
DefMDIChildProcA
MapWindowPoints
GetCursorPos
WindowFromPoint
DrawEdge
SendMessageW
SetClassLongA
CharUpperA
SendMessageA
IsWindowEnabled
GetCursor
OpenClipboard
GetSysColorBrush
LoadIconA
AdjustWindowRectEx
GetWindowRect
IsRectEmpty
GetMenuStringA
RegisterClassA
DestroyCursor
EnableScrollBar
InflateRect
PostQuitMessage
GetClientRect
ActivateKeyboardLayout
GetWindowLongA
EqualRect
SetWindowPlacement
GetWindow
IsCharLowerA
IsWindowUnicode
IntersectRect
GetKeyboardLayout
SetTimer
WaitMessage
SetMenu
CreateWindowExA
DefWindowProcA
wsprintfA
CharLowerA
GetSystemMenu
GetSystemMetrics

ole32

StgCreateDocfileOnILockBytes

shell32

Shell_NotifyIconW
DragQueryFileA
SHFileOperationA

kernel32

GetStartupInfoA
GetModuleFileNameA
GetStringTypeA
GetModuleHandleA
FormatMessageA
VirtualAllocEx
ReadFile
HeapFree
GetDiskFreeSpaceA
LoadLibraryA
GetCPInfo
GlobalFindAtomA
GetThreadLocale
LoadResource
GetSystemDefaultLangID
GetLocalTime
lstrlenW
GetProcessHeap
SetErrorMode
SetFilePointer
LockResource
ExitProcess
FindClose
FreeLibrary
GetProcAddress

Exports

Exports

SldiMi2sgm4nU@20

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c83efd2f132d685486484b7267611f69

Headers

File Characteristics

Imports

user32

ole32

shell32

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 9KB - Virtual size: 116KB

.data Size: 100KB - Virtual size: 99KB

.edata Size: 3KB - Virtual size: 2KB

.badata Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 9KB - Virtual size: 116KB

.data
Size: 100KB - Virtual size: 99KB

.edata
Size: 3KB - Virtual size: 2KB

.badata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB