cc1b48ea88b8b22e106ed6c0a20450dbdfb19b0a04f47611abc8db2490079147

Sharing

Copy URL Twitter E-mail

General

Target

cc1b48ea88b8b22e106ed6c0a20450dbdfb19b0a04f47611abc8db2490079147
Size

856KB
MD5

40734797fe8b421b13e4723d7a681205
SHA1

d9f6ad5023e6dc0d067e73edfb5ca54656b1daa5
SHA256

cc1b48ea88b8b22e106ed6c0a20450dbdfb19b0a04f47611abc8db2490079147
SHA512

72411bb651114b6ebf20beebe6b14ba91c6af7905994543a0b03f08208b6ceda778400510331c8220ca44ba33236564b05b6880fd2b7627f91f6faf9045742a9
SSDEEP

12288://SrPdGinXhZq5iArDBGn01flsCMBreyd11Edproax1jYXWuNsnLJWk29qu:yrPdG+t+DBG0XsCPpr3yr68kUq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc1b48ea88b8b22e106ed6c0a20450dbdfb19b0a04f47611abc8db2490079147

Files

cc1b48ea88b8b22e106ed6c0a20450dbdfb19b0a04f47611abc8db2490079147
.exe windows:4 windows x86 arch:x86

2d74734452b445c92139523a02bb7029

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
OpenProcess
GetProcAddress
GetModuleHandleA
GetWindowsDirectoryA
VirtualFree
VirtualAlloc
GetDiskFreeSpaceA
FileTimeToSystemTime
SystemTimeToFileTime
GetTickCount
SetThreadAffinityMask
GetSystemInfo
GetSystemDefaultLangID
CreateDirectoryA
RemoveDirectoryA
ExitThread
MoveFileA
DeleteFileA
SetFileAttributesA
CreateThread
OpenMutexA
GetExitCodeProcess
CreateProcessA
GetExitCodeThread
GlobalMemoryStatus
CopyFileA
GlobalMemoryStatusEx
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ReleaseMutex
GetLastError
CreateMutexA
SetWaitableTimer
CreateWaitableTimerA
lstrlenA
TerminateThread
lstrcpyA
GetCurrentDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
GetThreadPriority
MulDiv
FreeLibrary
ReleaseSemaphore
CreateSemaphoreA
GetLocalTime
FindNextFileA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
GetCurrentProcess
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
HeapReAlloc
HeapAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentThreadId
RaiseException
TlsSetValue
ResumeThread
RtlUnwind
WaitForMultipleObjects
SetCurrentDirectoryA
GetLogicalDriveStringsA
GetFileAttributesA
DeviceIoControl
FindClose
SetErrorMode
GetVolumeInformationA
GetDriveTypeA
GetModuleFileNameA
GetDevicePowerState
GetSystemTime
MultiByteToWideChar
ResetEvent
WaitForSingleObjectEx
GetCurrentThread
SetThreadIdealProcessor
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalUnlock
WinExec
GetComputerNameA
GetVersionExA
SetFileTime
GetFileTime
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileA
CreateEventA
SetThreadPriority
WaitForSingleObject
CloseHandle
SetEvent
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

user32

RegisterHotKey
RegisterWindowMessageA
GetQueueStatus
PostThreadMessageA
KillTimer
SetTimer
ReleaseDC
GetDC
UnregisterHotKey
GetForegroundWindow
CreateWindowExA
SendMessageA
ShowWindow
MoveWindow
GetWindowRect
SetWindowTextA
GetAsyncKeyState
SetCursor
GetSystemMenu
EnableMenuItem
SetActiveWindow
DefWindowProcA
PostMessageA
EndPaint
BeginPaint
RedrawWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsWindow
MessageBoxA
SetRect
CallWindowProcA
GetWindowTextLengthA
EndDialog
SetFocus
SetDlgItemTextA
SendDlgItemMessageA
SetWindowLongA
GetDlgItem
GetDlgItemTextA
DialogBoxParamA
GetWindowTextA
FillRect
InvalidateRect
SystemParametersInfoA
PostQuitMessage
GetWindowLongA
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
GetMessageA
ShowCursor
SwapMouseButton
SetCursorPos
FindWindowA
BringWindowToTop
SetForegroundWindow
GetKeyboardState
IsIconic
CloseWindow
EnableWindow
IsDlgButtonChecked
WaitForInputIdle
EnumDisplayMonitors
GetCursorPos
LoadIconA
LoadCursorA
RegisterClassExA
GetWindowPlacement
GetWindowThreadProcessId
wsprintfA
DestroyWindow
UpdateWindow
GetSystemMetrics
GetClientRect
SetWindowPos

gdi32

SetBrushOrgEx
StretchDIBits
GetStockObject
CreatePalette
SetStretchBltMode
SetTextColor
SelectPalette
TextOutA
TextOutW
CreateFontA
CreateDIBSection
GetObjectA
GetOutlineTextMetricsA
SelectObject
DeleteObject
DeleteDC
EnumFontFamiliesExA
SelectClipRgn
CreateRectRgnIndirect
AddFontResourceA
AddFontMemResourceEx
RemoveFontMemResourceEx
RemoveFontResourceA
SetBkMode
CreateCompatibleDC

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegSetValueExA
RevertToSelf
OpenProcessToken
DuplicateTokenEx
ImpersonateLoggedOnUser
GetUserNameA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA

shell32

SHChangeNotify
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFolderPathA
SHBrowseForFolderA

ole32

CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemAlloc
CoUninitialize
CoInitialize
OleDraw
CoTaskMemFree

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

winmm

timeBeginPeriod
timeGetDevCaps
PlaySoundA
mciSendCommandA
timeSetEvent
timeGetTime
timeKillEvent
timeEndPeriod

imm32

ImmGetDefaultIMEWnd

atl

ord41

wininet

InternetCloseHandle
InternetAttemptConnect
InternetOpenUrlA
InternetSetFilePointer
InternetReadFile
InternetQueryDataAvailable
InternetOpenA

gdiplus

GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImageWidth
GdiplusShutdown
GdipCreateBitmapFromFile
GdipAlloc
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipGetImageHeight
GdiplusStartup
GdipDisposeImage
GdipFree
GdipCloneImage
GdipCreateBitmapFromGdiDib

dsound

ord11

Exports

Exports

??4SThreadParam@@QAEAAU0@ABU0@@Z

Sections

.text
Size: 704KB - Virtual size: 701KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 921KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d74734452b445c92139523a02bb7029

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

d3d9

dinput8

winmm

imm32

atl

wininet

gdiplus

dsound

Exports

Exports

Sections

.text Size: 704KB - Virtual size: 701KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 80KB - Virtual size: 921KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 704KB - Virtual size: 701KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 80KB - Virtual size: 921KB

.rsrc
Size: 28KB - Virtual size: 24KB