Static task
static1
Behavioral task
behavioral1
Sample
cda19c1d938f33c4bb0ce853e14c3703.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cda19c1d938f33c4bb0ce853e14c3703.exe
Resource
win10v2004-20240226-en
General
Target
cda19c1d938f33c4bb0ce853e14c3703
Size
855KB
MD5
cda19c1d938f33c4bb0ce853e14c3703
SHA1
4f2601513f9eea6a212ec1f340474980f28343d9
SHA256
e3ee521fdca942db4bb87d52bc2ab4ecedd9c437ea68fab255ac95899054a0e9
SHA512
ffd5dc318c3af508ebc9dcb88a8c05db4f3f5f0277effe3b8ce92d17b6d1e56121081ea93d7cd7e2f63d4ab1a347ffebffb440ce0f7e33f1a0a8d0f874eeb42d
SSDEEP
24576:/N2ZqKAYVoUzwVUTMdDjhdAGuABd4z6KW:VInAktYdDjjt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cda19c1d938f33c4bb0ce853e14c3703
Files
cda19c1d938f33c4bb0ce853e14c3703.exe windows:5 windows x86 arch:x86
bc7d6bad2c766857418436343aa6bf49
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDlgCtrlID
SetDlgItemTextW
GetMessageW
UnhookWindowsHookEx
IsDialogMessageW
FindWindowW
SendMessageA
SetTimer
SetPropA
OpenClipboard
LoadCursorA
SetScrollPos
GetWindowLongW
GetPropA
SetWindowsHookExW
PostMessageA
GetDlgItem
RegisterWindowMessageW
MessageBeep
PostQuitMessage
RegisterClassW
GetWindowTextA
CharNextW
GetScrollPos
GetMenuState
ReleaseCapture
LoadIconW
kernel32
IsValidCodePage
GetVolumeInformationW
GetStartupInfoA
GetSystemDirectoryA
GetVersion
GetLocaleInfoA
SetThreadLocale
CreateFileW
OpenEventW
RtlUnwind
FormatMessageA
CreateMutexW
lstrcpyA
TlsGetValue
GetCurrentThreadId
HeapAlloc
SetFileAttributesW
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
MulDiv
GetConsoleOutputCP
CreateFileA
GetFileTime
lstrcpyW
DeleteFileW
LoadLibraryA
GetCPInfo
GetACP
GetShortPathNameW
lstrcmpiW
SetFileTime
VirtualAlloc
ResumeThread
GetProcAddress
HeapSize
GetLocaleInfoW
GetDriveTypeA
MapViewOfFile
LocalFileTimeToFileTime
FindFirstFileA
GetLocalTime
SetFilePointer
SetHandleCount
WritePrivateProfileStringA
CreateDirectoryW
FindNextFileA
InterlockedDecrement
advapi32
CryptReleaseContext
RegOpenKeyA
IsValidSid
RegDeleteKeyA
RegSetValueExA
OpenServiceW
AddAccessAllowedAce
msvcrt
__p__fmode
??0exception@@QAE@ABQBD@Z
__p__commode
__set_app_type
_callnewh
__getmainargs
_exit
_purecall
exit
isdigit
Sections
.text Size: 263KB - Virtual size: 263KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data/0x Size: 512B - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 504KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ