cc5893f0370c18c7c5ad5a386a15934e7714f32753679cf04e4ddc7a52dd956f

Sharing

Copy URL

Twitter E-mail

General

Target

cc5893f0370c18c7c5ad5a386a15934e7714f32753679cf04e4ddc7a52dd956f
Size

987KB
MD5

0ac3296fab445cfb2f39634b1cea5d34
SHA1

49d09eabf21752483813975a1092db31bbb37a05
SHA256

cc5893f0370c18c7c5ad5a386a15934e7714f32753679cf04e4ddc7a52dd956f
SHA512

7ee56c38cdfe2344e1a69eaea196ac48d506b3d7a863ecba68c43f1564629b26bc7abaec79877f6ff6f134477938c22360a38a277519947068ce671c34f6bc5f
SSDEEP

24576:XVGVlWOs9yxehHfbhOGXZWMtxrNJfO/d+ZdqXWQwAuETJZV:FGVl1s9n6dIdqwAuETJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc5893f0370c18c7c5ad5a386a15934e7714f32753679cf04e4ddc7a52dd956f

Files

cc5893f0370c18c7c5ad5a386a15934e7714f32753679cf04e4ddc7a52dd956f
.exe windows:4 windows x86 arch:x86

c62963330ff94eab24ed82dee2c1f54b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

sdl

SDL_CDClose
SDL_CDEject
SDL_CDNumDrives
SDL_CDOpen
SDL_CDPause
SDL_CDPlayTracks
SDL_CDResume
SDL_CDStatus
SDL_CDStop
SDL_CloseAudio
SDL_Delay
SDL_EnableKeyRepeat
SDL_EnableUNICODE
SDL_GL_GetProcAddress
SDL_GL_LoadLibrary
SDL_GL_SetAttribute
SDL_GL_SwapBuffers
SDL_GetAppState
SDL_GetError
SDL_GetGammaRamp
SDL_GetRelativeMouseState
SDL_GetTicks
SDL_GetWMInfo
SDL_Init
SDL_InitSubSystem
SDL_Linked_Version
SDL_LockAudio
SDL_OpenAudio
SDL_PauseAudio
SDL_PollEvent
SDL_Quit
SDL_QuitSubSystem
SDL_SetEventFilter
SDL_SetGammaRamp
SDL_SetModuleHandle
SDL_SetVideoMode
SDL_ShowCursor
SDL_UnlockAudio
SDL_WM_GrabInput
SDL_WM_SetCaption

kernel32

ExitProcess
FreeLibrary
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GlobalLock
GlobalSize
GlobalUnlock
LoadLibraryA
SetUnhandledExceptionFilter

msvcrt

_close
_dup
_lseek
_open
_putch
_read
_stricmp
_strnicmp
_unlink
_write
__getmainargs
__p__environ
__set_app_type
_cexit
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_getch
_iob
_kbhit
_mkdir
_setjmp
_setmode
_vsnprintf
atan
atan2
atexit
atof
atoi
ceil
exit
exp
fclose
fflush
fgetc
floor
fopen
fprintf
free
freopen
isspace
localtime
log
longjmp
malloc
memcpy
memmove
memset
pow
rand
remove
setbuf
setvbuf
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strftime
strncmp
strncpy
strrchr
strstr
strtok
strtol
tan
time
tolower
toupper

user32

CloseClipboard
GetClipboardData
LoadIconA
MessageBoxA
OpenClipboard
SetClassLongA

wsock32

WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
gethostbyname
getsockname
htons
ioctlsocket
ntohs
recvfrom
sendto
setsockopt
socket

Sections

.text
Size: 918KB - Virtual size: 917KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 45.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c62963330ff94eab24ed82dee2c1f54b

Headers

File Characteristics

Imports

sdl

kernel32

msvcrt

user32

wsock32

Sections

.text Size: 918KB - Virtual size: 917KB

.data Size: 63KB - Virtual size: 63KB

.bss Size: - Virtual size: 45.5MB

.idata Size: 4KB - Virtual size: 4KB

.text
Size: 918KB - Virtual size: 917KB

.data
Size: 63KB - Virtual size: 63KB

.bss
Size: - Virtual size: 45.5MB

.idata
Size: 4KB - Virtual size: 4KB