cd9602c3ace76a08e4eb00a4de0a2619

Sharing

Copy URL Twitter E-mail

General

Target

cd9602c3ace76a08e4eb00a4de0a2619
Size

392KB
MD5

cd9602c3ace76a08e4eb00a4de0a2619
SHA1

a87975bfe7874dc3a26763dad84effab1c15be91
SHA256

3e780e5ecf2de381ba2c7525499a6b5b400e4a3cf10467b976e92c180c470ece
SHA512

5f860b182890ef53e635e8edd4003d39b353c85931ab33c2456855079994e2cabc6526c6d32ce7875f4ba4d01c30342fedea6d3351371841abe50e21b0a538df
SSDEEP

12288:8DoZQV6s7wzojrcJvlrd6G2+5VCxby/Nm+hct:mR8zAcJtZ6x+6by/NmCQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd9602c3ace76a08e4eb00a4de0a2619

Files

cd9602c3ace76a08e4eb00a4de0a2619
.exe windows:5 windows x86 arch:x86

190094650a1aaece8ddb59c711d69434

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_cexit
exit
_wcmdln
__wgetmainargs
_initterm
_XcptFilter
_exit
_c_exit
wcscmp
_wcsicmp
wcslen
_wcsnicmp
_snwprintf
??2@YAPAXI@Z
_purecall
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
wcscpy
wcscat
??3@YAXPAX@Z

atl

ord35
ord31
ord44
ord11
ord10
ord30
ord58
ord32
ord45
ord20
ord17
ord23
ord57
ord18
ord43
ord16
ord21

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

HeapAlloc
LoadLibraryA
GetProcessHeap
VirtualAlloc
GetSystemTimeAsFileTime
HeapFree
GetStartupInfoW
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualFree
lstrcpyW
HeapDestroy
FreeLibrary
GetLastError
lstrlenW
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
SetLastError

gdi32

DeleteObject

user32

SetDlgItemTextW
SendDlgItemMessageW
EndDialog
CallWindowProcW
SetForegroundWindow
FindWindowW
SystemParametersInfoW
GetMonitorInfoW
MonitorFromRect
LoadStringW
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
CharNextW
SendMessageW
ShowWindow
LoadBitmapW
LoadImageW
SetWindowTextW
SetWindowPos
GetClientRect
SetTimer
KillTimer
MessageBoxW
DestroyWindow
SetWindowLongW
GetSysColorBrush
GetSystemMetrics
PostQuitMessage
DefWindowProcW
GetWindowLongW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
LoadRegTypeLi
SafeArrayGetElement
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString

shell32

CommandLineToArgvW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.av1
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kalq
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hjas
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hjas0
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

190094650a1aaece8ddb59c711d69434

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

atl

advapi32

kernel32

gdi32

user32

ole32

oleaut32

shell32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 21B

.av1 Size: 358KB - Virtual size: 357KB

.kalq Size: 512B - Virtual size: 216B

.hjas Size: 512B - Virtual size: 118B

.hjas0 Size: 512B - Virtual size: 118B

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 166B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 21B

.av1
Size: 358KB - Virtual size: 357KB

.kalq
Size: 512B - Virtual size: 216B

.hjas
Size: 512B - Virtual size: 118B

.hjas0
Size: 512B - Virtual size: 118B

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 166B