3c4cf0df74c6589b4b23a7a2c436730084a614826022822afe8e7b9339776058

Sharing

Copy URL Twitter E-mail

General

Target

3c4cf0df74c6589b4b23a7a2c436730084a614826022822afe8e7b9339776058
Size

92KB
MD5

ac129a74235fd171e3660cbf2cd6d239
SHA1

b3d99a6c39378419e909c2a518692da2d7b441a9
SHA256

3c4cf0df74c6589b4b23a7a2c436730084a614826022822afe8e7b9339776058
SHA512

08c6c85878ef6ea26b4b5ab72ace7bf78294c3d2dbe18e66b3d499736d787685c61a6f698916dcfd9412e969c71f1987317a6c0c85ba99acf9b9891d620eb472
SSDEEP

1536:0N17vG0XFiDimJCH/wigilokQ9aKhrr0AizDdk2IMH4plkncJ:0+0XAR04i/lBQ9aQ+/dtNckncJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4cf0df74c6589b4b23a7a2c436730084a614826022822afe8e7b9339776058

Files

3c4cf0df74c6589b4b23a7a2c436730084a614826022822afe8e7b9339776058
.exe windows:4 windows x86 arch:x86

8ae3e46e5731e3fdeeb4f65601d18ae5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

s:\w32\VSSBLD\03\DEV\obj\mpdfx\CCI\release.net\CCI03.pdb

Imports

ctree03

ord105
ord108
ord86
ord83
ord88
ord81
ord124
ord72
ord173
ord151
ord146
ord53
ord100
ord63
ord210
ord14
ord176
ord15
ord92

cchhlp03

ord1

ctxutil

ord127
ord74

taxprep

ord350
ord498
ord392

mfc70

ord257
ord256
ord705
ord1077
ord1081
ord703

msvcr70

__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
__security_error_handler
_itoa
strrchr
_errno
time
ctime
__set_app_type
_chdir
_getcwd
atol
qsort
strstr
strncpy
atoi
rename
_splitpath
_makepath
strncmp
memmove
__CxxFrameHandler
wcscpy
_ftime
_strupr
_access
_unlink
_memicmp
?terminate@@YAXXZ
_except_handler3
__dllonexit
_onexit
strchr
_controlfp
atof
sprintf
free
malloc
_ultoa

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
ExitProcess
lstrcmpA
GetCurrentProcessId
GetFileAttributesA
_lread
_lclose
OpenFile
GetCurrentProcess
GetLastError
SetFilePointer
GetProfileStringA
MulDiv
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetFileSize
GlobalMemoryStatus
lstrcpyA
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
CreateFileA
CloseHandle
ReadFile
WriteFile
lstrcatA
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetVersion
CompareStringA
lstrlenW
CompareStringW
lstrcmpiA
lstrcmpiW

user32

GetFocus
LoadStringA
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
DdeAccessData
DdeClientTransaction
DdeConnect
DdeCreateStringHandleA
DdeInitializeA
PostQuitMessage
DefWindowProcA
SetForegroundWindow
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
wsprintfA
GetDialogBaseUnits
SetKeyboardState
GetKeyboardState
GetWindowTextLengthA
GetPropA
SetPropA
GetWindowLongA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
DialogBoxParamA
GetWindowTextA
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
SetFocus
SendMessageA
EnableWindow
PostMessageA
MessageBeep
CallWindowProcA
SetWindowLongA
WinHelpA
SetCursor
LoadCursorA
EndDialog
RemovePropA
GetParent
MessageBoxA

gdi32

CreateDCA
GetDeviceCaps
SetMapMode
CreateFontA
SelectObject
StartDocA
EndDoc
DeleteObject
DeleteDC
EndPage
StartPage
TextOutA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ole32

CoInitialize
CoUninitialize

oleaut32

SysFreeString

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ae3e46e5731e3fdeeb4f65601d18ae5

Headers

File Characteristics

PDB Paths

Imports

ctree03

cchhlp03

ctxutil

taxprep

mfc70

msvcr70

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 8KB