2cd7a07b78e4bb815989ec302efb5a837aa4b9dfa97da4e0585767837482e3e0

Sharing

Copy URL

Twitter E-mail

General

Target

2cd7a07b78e4bb815989ec302efb5a837aa4b9dfa97da4e0585767837482e3e0
Size

620KB
MD5

cfc4b15fb439b739c7f625b23480b0b7
SHA1

75cf32d2ac1584efd14213b91b37af8c2265a4b8
SHA256

2cd7a07b78e4bb815989ec302efb5a837aa4b9dfa97da4e0585767837482e3e0
SHA512

93cacd5b47ceb52e7813108088e2d221ddfb638304fa11b9da35ae0f79250d4991211b47cca499f9e2ea62622f5483294d53661f279c8bdef295613cc16cfe76
SSDEEP

12288:WcWRPelh8t14F4YfDY+o7KO68G2G9Ih40cjs31K6fq+hTR9PyuV5xFpQog:WxRmlh8t0D+7y8G2G9yL0cMoThTR9Py9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cd7a07b78e4bb815989ec302efb5a837aa4b9dfa97da4e0585767837482e3e0

Files

2cd7a07b78e4bb815989ec302efb5a837aa4b9dfa97da4e0585767837482e3e0
.exe windows:4 windows x86 arch:x86

55ce12aaa9e8ee8b9463544382766ad7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

x:\gta\build\gta4Browser.pdb

Imports

psapi

EnumProcesses

kernel32

UnmapViewOfFile
CloseHandle
LocalAlloc
GetLastError
MapViewOfFile
GetSystemTimeAsFileTime
OpenEventW
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
ReleaseMutex
OpenFileMappingW
OpenMutexW
WaitForSingleObject
Sleep
GetTickCount
SetEvent
GetCurrentProcessId

user32

RegisterClassExW
GetWindowRect
DefWindowProcW
BeginPaint
RealChildWindowFromPoint
GetClientRect
AdjustWindowRect
SetFocus
MoveWindow
RegisterClassW
SetActiveWindow
DispatchMessageW
TranslateMessage
ShowWindow
PeekMessageW
SendMessageW
CreateWindowExW
SetForegroundWindow
EndPaint
LoadCursorW
EndDialog
PostQuitMessage
DialogBoxParamW
LoadIconW
SetCursorPos
DestroyWindow
LoadAcceleratorsW
LoadStringW
IsWindow

gdi32

CreateCompatibleDC
SelectObject
GetDIBits
DeleteDC
DeleteObject
GetStockObject
GetObjectW
CreateDCW
CreateCompatibleBitmap

ole32

CoCreateInstance
OleDraw
CoInitialize
CoUninitialize

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantInit

atl80

ord41

msvcr80

_except_handler4_common
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
?terminate@@YAXXZ
_lock
_onexit
_decode_pointer
_invoke_watson
memset
_controlfp_s
_XcptFilter
wcstombs_s
_exit
_cexit
__wgetmainargs
strncat
strcpy_s
__dllonexit
memcpy
??3@YAXPAX@Z
mbstowcs
strstr
strcat_s
??_U@YAPAXI@Z
??_V@YAXPAX@Z
_amsg_exit

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 592KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55ce12aaa9e8ee8b9463544382766ad7

Headers

File Characteristics

PDB Paths

Imports

psapi

kernel32

user32

gdi32

ole32

oleaut32

atl80

msvcr80

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 592KB - Virtual size: 596KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 592KB - Virtual size: 596KB