05cc64edf3ee373e8f5b2f6242781f96

Sharing

Copy URL Twitter E-mail

General

Target

05cc64edf3ee373e8f5b2f6242781f96
Size

2.5MB
MD5

05cc64edf3ee373e8f5b2f6242781f96
SHA1

3516d2d28603902c2de2744a92aa6080633a0951
SHA256

bc304e28fd68a1afaae3eae93f05468e405d31300a7b58240fc7612b6ae9d0b2
SHA512

959fb8db8361c9ad9801128e45c4eff7b3a0ba8629f6d3e4efbe67cab5b7136f8c4f4c5859e2d6716b6b9349d4e7946536bd5eef44639d1177b36269692d9d0f
SSDEEP

49152:UwsTB12UfHNnf+FZ6ij6iwE1N48zznwoK3pm7UWVLQDpr/Vg14G:nsTBxfHNzi31NKoD7UWVLq9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05cc64edf3ee373e8f5b2f6242781f96

Files

05cc64edf3ee373e8f5b2f6242781f96
.exe windows:6 windows x86 arch:x86

f9092ce88a7a46a19dd67d0e15b1c554

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Personal\MyWork\12.adsRise_cef_PC\adsRise3\Release_pc\adsRise3_pc.pdb

Imports

ws2_32

sendto
recvfrom
accept
freeaddrinfo
getaddrinfo
socket
setsockopt
getsockname
getpeername
connect
send
closesocket
bind
ioctlsocket
WSAIoctl
recv
WSASetLastError
select
__WSAFDIsSet
getsockopt
listen
ntohs
htons
WSACleanup
WSAStartup
gethostname
gethostbyname
inet_ntoa
inet_addr
WSAGetLastError

winmm

midiStreamOpen
waveOutWrite

kernel32

DeleteCriticalSection
GetCurrentThreadId
LoadLibraryExW
LoadResource
SizeofResource
FindResourceW
GlobalAlloc
GlobalUnlock
GlobalLock
MulDiv
lstrcmpiW
FindFirstFileA
FindNextFileA
RemoveDirectoryA
InitializeCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
GetSystemTimes
CreateProcessA
CreateProcessW
GetModuleHandleA
LoadLibraryA
lstrcmpiA
GetCurrentDirectoryW
GetFileType
ReadFile
SetFilePointer
SetFileTime
WriteFile
DuplicateHandle
DosDateTimeToFileTime
SystemTimeToFileTime
WideCharToMultiByte
GetEnvironmentVariableA
CreateDirectoryA
CreateFileA
DeleteFileA
GetFileAttributesA
GetFileSize
SetFileAttributesA
QueryPerformanceCounter
QueryPerformanceFrequency
ResetEvent
CreateMutexA
TerminateProcess
TerminateThread
SuspendThread
OpenProcess
GetTickCount
GetTickCount64
GetModuleFileNameA
LockResource
GlobalHandle
GlobalFree
LocalAlloc
LocalFree
QueryDosDeviceA
MoveFileA
K32EnumProcesses
K32EmptyWorkingSet
K32GetProcessImageFileNameA
InitializeCriticalSectionAndSpinCount
FormatMessageA
HeapAlloc
Sleep
WaitForMultipleObjects
CreateThread
ExitThread
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
OutputDebugStringW
VirtualQuery
LeaveCriticalSection
ResumeThread
SetThreadContext
GetThreadContext
GetThreadTimes
FreeLibraryAndExitThread
RtlUnwind
GetModuleHandleExW
GetDriveTypeW
GetFullPathNameW
SetFilePointerEx
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetConsoleMode
ReadConsoleW
GetConsoleCP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetFileSizeEx
GetTimeZoneInformation
SetStdHandle
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetEndOfFile
WriteConsoleW
SetLastError
GetLastError
RaiseException
DecodePointer
MultiByteToWideChar
lstrcmpW
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
VirtualProtect
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
SetUnhandledExceptionFilter
CloseHandle
OutputDebugStringA
FindNextFileW
FindClose
CreateFileW
CreateDirectoryW
TlsGetValue
TlsAlloc
EncodePointer
WaitForSingleObjectEx
ExpandEnvironmentStringsA
PeekNamedPipe
GetStdHandle
GetVersionExA
SleepEx
InitializeCriticalSectionEx
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
InterlockedCompareExchange
HeapReAlloc
GetCommandLineW

user32

GetLayeredWindowAttributes
CreateWindowExA
RegisterClassA
DefWindowProcA
PostThreadMessageW
PostMessageW
SendMessageTimeoutW
PeekMessageW
DispatchMessageW
TranslateMessage
GetForegroundWindow
GetWindowTextA
SetWindowContextHelpId
GetClassNameA
GetWindowThreadProcessId
MapDialogRect
SystemParametersInfoW
GetAncestor
SetParent
IsWindowVisible
GetCursorInfo
GetCursorPos
MessageBoxIndirectW
MessageBoxExW
MessageBoxW
SetActiveWindow
GetMonitorInfoW
LoadCursorW
GetWindow
GetClassNameW
GetParent
GetDesktopWindow
SetWindowLongW
SetWindowLongA
GetWindowLongW
GetWindowLongA
CreateDialogIndirectParamW
GetSysColor
MapWindowPoints
ScreenToClient
ClientToScreen
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
DestroyAcceleratorTable
CreateAcceleratorTableW
EnableWindow
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetFocus
SetFocus
CharNextW
GetDlgItem
SetWindowPos
MoveWindow
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
UnregisterClassW
CallWindowProcW
CallWindowProcA
DefWindowProcW
SendMessageW
RegisterWindowMessageW
wsprintfW
EndDialog
OpenClipboard
CloseClipboard
GetSystemMetrics
MsgWaitForMultipleObjects
SetClipboardData
GetClipboardData
EmptyClipboard
VkKeyScanW
FillRect
MapVirtualKeyW
MonitorFromWindow

gdi32

GetStockObject
Ellipse
CreatePen
GetObjectW
SelectObject
BitBlt
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

CryptAcquireContextA
RegQueryValueExW
RegSetValueExA
CreateProcessAsUserA
CreateProcessAsUserW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext

ole32

OleLockRunning
OleSetContainedObject
OleUninitialize
OleInitialize
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoDisconnectObject
CoGetClassObject
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemAlloc

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
VariantInit
VariantClear
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysAllocString

libcef

cef_time_to_timet
cef_time_now
cef_uriencode
cef_base64encode
cef_get_mime_type
cef_time_delta
cef_enable_highdpi_support
cef_do_message_loop_work
cef_shutdown
cef_initialize
cef_execute_process
cef_post_task
cef_currently_on
cef_string_utf8_to_utf16
cef_string_multimap_append
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_map_append
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_list_append
cef_string_list_value
cef_string_list_size
cef_string_utf16_cmp
cef_v8value_create_function
cef_v8value_create_array_buffer
cef_v8value_create_array
cef_v8value_create_object
cef_v8value_create_string
cef_v8value_create_date
cef_v8value_create_double
cef_v8value_create_uint
cef_v8value_create_int
cef_v8value_create_bool
cef_v8value_create_null
cef_v8context_get_current_context
cef_stream_reader_create_for_data
cef_string_multimap_free
cef_string_multimap_alloc
cef_cookie_manager_get_global_manager
cef_api_hash
cef_string_map_free
cef_string_map_alloc
cef_string_userfree_utf16_free
cef_browser_host_create_browser_sync
cef_string_list_free
cef_string_list_alloc
cef_log
cef_string_ascii_to_utf16
cef_string_utf16_to_utf8
cef_string_utf16_clear
cef_string_utf8_clear
cef_string_utf16_set

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

PathFileExistsA
StrStrA
PathIsDirectoryA
PathRemoveFileSpecA
StrCmpIW
StrStrIA
StrStrIW

iphlpapi

GetAdaptersInfo
SendARP

wininet

InternetSetCookieA
InternetGetCookieA

wldap32

ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord143
ord46
ord211
ord60

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9092ce88a7a46a19dd67d0e15b1c554

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

winmm

kernel32

user32

gdi32

advapi32

ole32

oleaut32

libcef

version

shlwapi

iphlpapi

wininet

wldap32

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 382KB - Virtual size: 381KB

.data Size: 31KB - Virtual size: 166KB

.msvcjmc Size: 23KB - Virtual size: 22KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 104KB - Virtual size: 104KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 382KB - Virtual size: 381KB

.data
Size: 31KB - Virtual size: 166KB

.msvcjmc
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 104KB - Virtual size: 104KB