cdc6fd33b5d845ecf49466fa52dbd504

Sharing

Copy URL Twitter E-mail

General

Target

cdc6fd33b5d845ecf49466fa52dbd504
Size

76KB
MD5

cdc6fd33b5d845ecf49466fa52dbd504
SHA1

da8cc24cb4a041148429c91b28321ce3f05031e7
SHA256

73ed85886a0ab17af5375e2d7e945c16b616b263e2968b2e4fc762fd114c3a7a
SHA512

dcc518bc9bd8764daf2dff82523ca48e654ad95f79c48b0e88dda16542d5b82dd54446a163a46e6db3edae519ef3a2c2617e5a788c91268a86529762476d2092
SSDEEP

1536:vDpNuwx/HRUbxd3KiAKfMaka1XZtC1vNoh2pWYyP2OBLPLN3rkHRBUmgl00+m51g:7pTxfRUbvaSXQgP2S93rQRBU3lrCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdc6fd33b5d845ecf49466fa52dbd504

Files

cdc6fd33b5d845ecf49466fa52dbd504
.exe windows:4 windows x86 arch:x86

12444da33ccf4f1d85e2046250b74dec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ToAscii
IsCharAlphaNumericA
SetWindowsHookExA
MapVirtualKeyA
CallNextHookEx
GetKeyNameTextA
GetKeyboardState
GetAsyncKeyState
SendMessageA
GetKeyState
GetMessageA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
wsprintfA
CloseClipboard
GetWindowTextA
FindWindowExA

advapi32

RegSetValueA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegNotifyChangeKeyValue
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
RegCreateKeyA
AdjustTokenPrivileges

msvcrt

__CxxFrameHandler
_controlfp
__p__fmode
_except_handler3
__set_app_type
_initterm
__p__commode
_adjust_fdiv
__getmainargs
_acmdln
wcslen
wcsstr
fwprintf
sprintf
time
srand
fopen
fprintf
fputs
exit
fclose
fgets
tolower
rand
strstr
_CxxThrowException
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_strupr
_exit
_XcptFilter
__setusermatherr

oleaut32

GetErrorInfo

kernel32

IsBadStringPtrA
CreateProcessA
CreateThread
LoadLibraryA
GetCurrentThreadId
GetStartupInfoA
LocalFree
CopyFileA
GetTickCount
lstrcatA
GetCurrentProcess
lstrlenA
VirtualAllocEx
GetModuleHandleA
OpenProcess
WriteProcessMemory
CreateRemoteThread
GetProcAddress
VirtualFreeEx
GetModuleFileNameA
WaitForSingleObject
FindResourceA
LoadResource
BeginUpdateResourceA
SizeofResource
CreateFileA
LockResource
CloseHandle
EndUpdateResourceA
lstrcpyA
GetSystemDirectoryA
CreateToolhelp32Snapshot
WriteFile
lstrcmpiA
Process32First
DeleteFileA
GetVersionExA
GetFileAttributesA
GetLastError
GetEnvironmentVariableA
GetLocalTime
CreateMutexA
Process32Next
CreateEventA
Sleep

Exports

Exports

?KeyHookMsg@@YGJHIJ@Z

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12444da33ccf4f1d85e2046250b74dec

Headers

File Characteristics

Imports

user32

advapi32

msvcrt

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 1KB - Virtual size: 59KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 1KB - Virtual size: 59KB

.rsrc
Size: 60KB - Virtual size: 59KB