cd7958afa6a054646eacc037f12ca1a3

Sharing

Copy URL Twitter E-mail

General

Target

cd7958afa6a054646eacc037f12ca1a3
Size

387KB
MD5

cd7958afa6a054646eacc037f12ca1a3
SHA1

e13c695caf21cabb09e3435d37fc5c43477971d1
SHA256

a97c8c8274b40a18211e6d7504470a6a3e1f848c3ab8d8a67f9d75a1399cbc8d
SHA512

8eb0ffad687372f2fdfd55a0133c0ac639fff17b86d8437a95faea24a47dd3850c5ed80061ed359cc495fc5ebc8c7aee8117b5d4451096c2640a669da2b43cce
SSDEEP

6144:mt70lHIjagOEq1vOX9DM8ocJwo5La+ZKOKLjXbAb1uUnVvoMsdJy/az9X7BTG3BU:JxgMvONDnFaEaUJWJYazhBIBKPE4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd7958afa6a054646eacc037f12ca1a3

Files

cd7958afa6a054646eacc037f12ca1a3
.exe windows:4 windows x86 arch:x86

e62aeed2d19d9994d4bc19e4e1476fe7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

RetrieveUrlCacheEntryStreamA
DeleteUrlCacheEntryA
ShowCertificate
InternetGoOnlineA
FindFirstUrlCacheContainerW

advapi32

RegSetValueA
RegQueryValueW
LookupPrivilegeDisplayNameA
RegDeleteKeyW

user32

SystemParametersInfoW
RegisterClipboardFormatA
IsDlgButtonChecked
RegisterClassA
InternalGetWindowText
CreateMenu
GetCursor
TranslateMDISysAccel
EqualRect
RegisterClassExA
DefFrameProcW
GetCaretPos
GetUserObjectInformationA
GetMessageW
RemoveMenu
IsCharAlphaW
TileWindows
ToAscii

comctl32

InitCommonControlsEx

kernel32

SetLastError
HeapDestroy
GetSystemTime
OpenMutexA
GetCPInfo
SetEnvironmentVariableA
HeapAlloc
GetVersion
WaitNamedPipeA
LCMapStringW
HeapCreate
CreateMutexA
GetTimeZoneInformation
GetStartupInfoA
ReadFile
SetFilePointer
CloseHandle
DosDateTimeToFileTime
InterlockedDecrement
InterlockedIncrement
GetNamedPipeHandleStateW
lstrcmpA
TlsAlloc
GetModuleHandleA
UnhandledExceptionFilter
CompareStringW
GetEnvironmentStringsW
GetNumberFormatA
GetLastError
GetStringTypeW
SetHandleCount
LeaveCriticalSection
GetProcAddress
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
TlsSetValue
GetStartupInfoW
DeleteCriticalSection
GetCommandLineW
GetEnvironmentStrings
EnterCriticalSection
HeapFree
ExitProcess
FreeEnvironmentStringsW
GetConsoleOutputCP
IsBadWritePtr
GetModuleFileNameW
CreateDirectoryW
SetStdHandle
GetThreadPriority
GetCurrentProcessId
HeapReAlloc
GetCurrentThreadId
TerminateProcess
InitializeCriticalSection
FlushFileBuffers
GetStringTypeA
GetFileType
lstrcmp
GetLocalTime
TlsFree
TlsGetValue
GetSystemTimeAsFileTime
GetProfileSectionA
InterlockedExchange
RtlUnwind
CompareStringA
LoadLibraryA
lstrlenA
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetCommandLineA
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcess
VirtualAlloc
GetCurrentThread
VirtualQuery
DebugActiveProcess
GetModuleFileNameA

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e62aeed2d19d9994d4bc19e4e1476fe7

Headers

File Characteristics

Imports

wininet

advapi32

user32

comctl32

kernel32

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 4KB - Virtual size: 12KB

.data Size: 207KB - Virtual size: 207KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 4KB - Virtual size: 12KB

.data
Size: 207KB - Virtual size: 207KB

.rsrc
Size: 12KB - Virtual size: 11KB