bd14fb250762bc0f15ae87df922fe90af7829d98b000bba5ea5f1de4fee43bc9

Sharing

Copy URL Twitter E-mail

General

Target

bd14fb250762bc0f15ae87df922fe90af7829d98b000bba5ea5f1de4fee43bc9
Size

632KB
MD5

43f685fd74742eea0856f2117446732a
SHA1

6cdd04ebf2b914b92e7359e0728e9de455e64ec2
SHA256

bd14fb250762bc0f15ae87df922fe90af7829d98b000bba5ea5f1de4fee43bc9
SHA512

c4bdf52e4b370126bb6df602d20cbf1a22faff72639064afd467c96890f259750a61d055871e62eada99813ba7065fd6e9f26da36e655eb5ebcb2fe345430c9e
SSDEEP

12288:XJgjANrtijdW0KzTwu3iRFcOpgizH0AtJUJRdZ:z5LT6qet0AtJezZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd14fb250762bc0f15ae87df922fe90af7829d98b000bba5ea5f1de4fee43bc9

Files

bd14fb250762bc0f15ae87df922fe90af7829d98b000bba5ea5f1de4fee43bc9
.exe windows:4 windows x86 arch:x86

53e1c7853a6e6dcc7dd547d8fc1ee417

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\sks\Desktop\SourceCode\_Bin\Release\CryptionRCC.pdb

Imports

d3dx9_35

D3DXMatrixLookAtLH
D3DXMatrixTranslation
D3DXMatrixScaling
D3DXGetFVFVertexSize
D3DXVec3Project
D3DXMatrixMultiply
D3DXVec3Normalize
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileExA
D3DXCreateCubeTextureFromFileInMemoryEx

mfc71

ord1908
ord5073
ord6275
ord4185
ord5203
ord3403
ord4722
ord4282
ord1600
ord5960
ord923
ord928
ord932
ord930
ord934
ord2410
ord2394
ord2413
ord2408
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord5175
ord1964
ord1656
ord1655
ord1599
ord5200
ord2862
ord4486
ord4262
ord3182
ord354
ord6236
ord5807
ord876
ord1482
ord1084
ord2371
ord1903
ord1931
ord1483
ord4098
ord2089
ord1547
ord5915
ord1402
ord4234
ord5214
ord2991
ord3171
ord572
ord1554
ord3195
ord1063
ord304
ord1794
ord1892
ord3934
ord4035
ord310
ord4749
ord709
ord501
ord630
ord781
ord3088
ord2747
ord2021
ord3056
ord385
ord784
ord4104
ord265
ord3762
ord631
ord2322
ord5563
ord2902
ord5529
ord907
ord2748
ord2288
ord2280
ord386
ord911
ord297
ord3397
ord762
ord266
ord6118
ord1489
ord299
ord2933
ord2469
ord5235
ord5233
ord2390
ord2400
ord2398
ord2396
ord2392
ord2415
ord2403
ord1207
ord4541
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2537
ord2731
ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord757
ord605
ord591
ord578
ord620
ord764
ord2020
ord5975
ord1054
ord3830
ord3641
ord5182
ord4212
ord4735
ord4890
ord4580
ord1671
ord1670
ord1551
ord5912
ord1620
ord1617
ord3946
ord1401
ord4244
ord5152

msvcr71

fwrite
fclose
fread
ftell
fseek
fopen
malloc
free
_except_handler3
_vsnprintf
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_localtime64
_time64
fprintf
sprintf
rand
_CIasin
_CIacos
_CIpow
_strlwr
_setmbcp
realloc
qsort
floor
calloc
_ftol
_controlfp
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
__security_error_handler
_onexit
__dllonexit
memset
frexp
exit
__CxxFrameHandler

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetStartupInfoA
ExitProcess
FindResourceA
LoadResource
SizeofResource
LockResource
QueryPerformanceCounter
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
Sleep
GetModuleHandleA
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExA

user32

GetCursorPos
ShowCursor
GetWindowRect
SetCursorPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBoxA
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ord17

msvcp71

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

winmm

mmioOpenA
mmioClose
mmioWrite
mmioAdvance
mmioSetInfo
mmioSeek
mmioCreateChunk
mmioGetInfo
mmioDescend
mmioRead
mmioAscend

Sections

.text
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 26.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53e1c7853a6e6dcc7dd547d8fc1ee417

Headers

File Characteristics

PDB Paths

Imports

d3dx9_35

mfc71

msvcr71

kernel32

user32

shell32

comctl32

msvcp71

winmm

Sections

.text Size: 256KB - Virtual size: 254KB

.rdata Size: 152KB - Virtual size: 148KB

.data Size: 196KB - Virtual size: 26.8MB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 256KB - Virtual size: 254KB

.rdata
Size: 152KB - Virtual size: 148KB

.data
Size: 196KB - Virtual size: 26.8MB

.rsrc
Size: 24KB - Virtual size: 20KB