cf748c495a5e46819731078822156cc2d8d1d0d19a83b21ace00f3c0dc8e89ea

Sharing

Copy URL

Twitter E-mail

General

Target

cf748c495a5e46819731078822156cc2d8d1d0d19a83b21ace00f3c0dc8e89ea
Size

2.2MB
MD5

0bb99f1718f146d468c524ebaa4b57f1
SHA1

87737b947ec256a0562e10a7a4f1a3241908bf89
SHA256

cf748c495a5e46819731078822156cc2d8d1d0d19a83b21ace00f3c0dc8e89ea
SHA512

f6d3b678aaa39bae03f3993377c2bb8dc66851d586ef86a92ecd91a124275ca42248ab312ca3af9648ba67d26bd767c6bc26a54b03bbac36e1571f2458f257db
SSDEEP

49152:uxViXEqOAV6tGACZbcA4dwKFoxWPuwNh0FLypwVdwG:uCXEqOy6tQcA4dhzXZwrwG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf748c495a5e46819731078822156cc2d8d1d0d19a83b21ace00f3c0dc8e89ea

Files

cf748c495a5e46819731078822156cc2d8d1d0d19a83b21ace00f3c0dc8e89ea
.exe windows:5 windows x86 arch:x86

af39b34ffb31c031ed4ff38bbbc0b946

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmIsIME

ws2_32

WSAGetLastError
gethostbyname
connect
WSACleanup
shutdown
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
inet_addr
WSACreateEvent
WSAEventSelect
WSACloseEvent
setsockopt
WSAStartup
recv
send
socket
ioctlsocket
closesocket
htons

winmm

waveOutGetDevCapsA
waveOutGetNumDevs
mciSendCommandA
timeKillEvent
auxGetVolume
auxGetNumDevs
auxGetDevCapsA
waveOutGetVolume

dsound

ord1

kernel32

InitializeCriticalSectionAndSpinCount
SetHandleCount
GetTimeZoneInformation
GetModuleFileNameW
GetStdHandle
HeapCreate
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetFileType
GetModuleFileNameA
GetCurrentDirectoryA
GetTickCount
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
CloseHandle
IsBadReadPtr
SetCurrentDirectoryA
FindClose
FindNextFileA
FindFirstFileA
_lopen
_lread
_lwrite
_llseek
GetConsoleCP
GetModuleHandleA
SetEndOfFile
VirtualQuery
GetSystemInfo
SetUnhandledExceptionFilter
ReadFile
WriteFile
DeleteFileA
SetFileAttributesA
SetFilePointer
GetFileSize
CreateDirectoryA
GetFileAttributesA
HeapSize
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalMemoryStatus
GetDriveTypeA
CreateThread
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
ExitProcess
GetModuleHandleW
GetProcAddress
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetLastError
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
RtlUnwind
RaiseException
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetStdHandle
LoadLibraryW
GetStringTypeW
WriteConsoleW
CreateFileW
CompareStringW
SetEnvironmentVariableA
_lclose

user32

PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
MapVirtualKeyA
ClientToScreen
ShowCursor
OpenClipboard
GetClipboardData
CloseClipboard
MessageBoxA
LoadCursorA
LoadIconA
RegisterClassA
CreateWindowExA
PostQuitMessage
PostMessageA
GetDC
OffsetRect
GetClientRect
wsprintfA
SetWindowTextA
SetFocus
SetForegroundWindow
DefWindowProcA
ShowWindow
GetWindowLongA
SetWindowLongA
SetRect
EndPaint
ReleaseDC
GetSystemMetrics
GetKeyboardLayout
GetKeyState
GetKeyboardState
GetForegroundWindow
GetParent
GetWindowRect
GetDlgItem
GetDlgItemTextA
InvalidateRect
BeginPaint
GetWindowDC
SetWindowPos

gdi32

GetDeviceCaps
DeleteObject
CreatePalette
SelectPalette
RealizePalette
GetStockObject
SetStretchBltMode
StretchDIBits

ole32

CoInitialize
CoUninitialize

comdlg32

GetSaveFileNameA
GetOpenFileNameA

ddraw

DirectDrawCreate

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 430KB - Virtual size: 955KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dinfo
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.info
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af39b34ffb31c031ed4ff38bbbc0b946

Headers

DLL Characteristics

File Characteristics

Imports

imm32

ws2_32

winmm

dsound

kernel32

user32

gdi32

ole32

comdlg32

ddraw

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 114KB - Virtual size: 113KB

.data Size: 430KB - Virtual size: 955KB

.dinfo Size: 512B - Virtual size: 248B

.cdata Size: 1KB - Virtual size: 1KB

.info Size: 1KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 25B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 114KB - Virtual size: 113KB

.data
Size: 430KB - Virtual size: 955KB

.dinfo
Size: 512B - Virtual size: 248B

.cdata
Size: 1KB - Virtual size: 1KB

.info
Size: 1KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 25B

.rsrc
Size: 4KB - Virtual size: 3KB