cbcd847d0845be2ac78b6a1f26973ff0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cbcd847d0845be2ac78b6a1f26973ff0N.exe
Size

445KB
MD5

cbcd847d0845be2ac78b6a1f26973ff0
SHA1

f01e84f29eaedcb399957516140c51f3bbbe3f1a
SHA256

c55790735a95bc93cae92afc6cf761a1a8aca189e719760d197329ce59cfd218
SHA512

3fbfabefc6f52964ef4e3a739a7ac6856fe5c580b98357934d4b997be19b199a6bd5e82a0f4e8117fb3b4920a81deb77040e64cbe4b57b2cd312e252f2d9c634
SSDEEP

12288:R1UqpcR6Kx5/5kMERWRlw2Pz2Petscq0wH+:R1V6Rfx1MWF6m+Je

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbcd847d0845be2ac78b6a1f26973ff0N.exe

Files

cbcd847d0845be2ac78b6a1f26973ff0N.exe
.exe windows:4 windows x86 arch:x86

c893f3a0cbcf2f89d95e3c6e5751a4e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetTimeZoneInformation
GetVersionExA
SetEnvironmentVariableA
GetProcAddress
HeapCreate
HeapReAlloc
SetLastError
CompareStringW
GetLocaleInfoA
GetCurrentProcessId
TlsFree
OpenEventA
FreeEnvironmentStringsW
TlsGetValue
WideCharToMultiByte
HeapDestroy
GetFileAttributesExA
TlsSetValue
WriteFile
GetCommandLineA
VirtualFree
DosDateTimeToFileTime
GetStringTypeA
InitializeCriticalSection
GetDateFormatA
GetFileType
lstrcpynA
SetEvent
ExitProcess
GetTickCount
GetProfileStringW
TlsAlloc
HeapFree
DeleteCriticalSection
GetModuleFileNameA
GetStartupInfoA
LoadLibraryA
QueryPerformanceCounter
CompareStringA
VirtualAlloc
SetThreadLocale
OpenFile
VirtualProtect
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
EnterCriticalSection
GetACP
GetEnvironmentStrings
LCMapStringW
UnhandledExceptionFilter
GetUserDefaultLCID
LocalHandle
GetSystemTimeAsFileTime
EnumSystemLocalesA
CreateWaitableTimerW
SetConsoleWindowInfo
FreeEnvironmentStringsA
GetCPInfo
GetPrivateProfileStructA
MultiByteToWideChar
IsBadWritePtr
GetStdHandle
WriteProfileSectionW
GetCurrentThread
LeaveCriticalSection
GetThreadTimes
GetTimeFormatA
SetHandleCount
GetEnvironmentStringsW
TryEnterCriticalSection
InterlockedExchange
GetLocaleInfoW
GetLastError
CreateNamedPipeA
IsValidCodePage
SystemTimeToFileTime
GetFullPathNameW
HeapSize
GetSystemInfo
HeapAlloc
LCMapStringA
WaitForMultipleObjects
WritePrivateProfileSectionW
GetStringTypeW
VirtualQuery
GetModuleHandleA
IsValidLocale

comdlg32

PrintDlgW
LoadAlterBitmap
GetFileTitleA
GetOpenFileNameA
FindTextW
GetSaveFileNameA
PageSetupDlgA
ChooseFontA
PageSetupDlgW
GetOpenFileNameW
ChooseFontW
ReplaceTextW
ReplaceTextA

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c893f3a0cbcf2f89d95e3c6e5751a4e2

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 127KB - Virtual size: 127KB

.data Size: 308KB - Virtual size: 307KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 127KB - Virtual size: 127KB

.data
Size: 308KB - Virtual size: 307KB

.rsrc
Size: 8KB - Virtual size: 8KB