cc9dd627d79d6708bc4069411e6193ff87d5cbc7eadeb9371c82cfb81843179a

Sharing

Copy URL Twitter E-mail

General

Target

cc9dd627d79d6708bc4069411e6193ff87d5cbc7eadeb9371c82cfb81843179a
Size

14.6MB
MD5

151195d0540c0cafd746759aba7c8c5b
SHA1

0c705681030d5cd5a433beb72197e2f2c9eb54da
SHA256

cc9dd627d79d6708bc4069411e6193ff87d5cbc7eadeb9371c82cfb81843179a
SHA512

2fa1bbc48aadd9c8fbd99afc8041b1b1b24c0d065e53bfb304025688da685f178d9c4fbf0c823dfb7a577267e411dc729a00d7a710c63433804e186697fdf3b5
SSDEEP

393216:IEqGNGAw+z3zMjSaL/vtrLfADNNCvs/ZlhwpWR6veb:pqGE7SaT5LfjchpR6v6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/64λCDR汾ת310.exe

Files

cc9dd627d79d6708bc4069411e6193ff87d5cbc7eadeb9371c82cfb81843179a
.zip
64λCDR汾ת310.exe
.exe windows:5 windows x64 arch:x64

56741bfa3b2be3eabc72f4960bc932da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetVersionExW
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetComboBoxInfo
CharUpperBuffW

gdi32

GetObjectW

comdlg32

PrintDlgW

winspool.drv

DocumentPropertiesW

shell32

CommandLineToArgvW

shlwapi

PathMatchSpecW

comctl32

ImageList_SetDragCursorImage

ole32

ReleaseStgMedium

rpcrt4

UuidToStringW

advapi32

RegSetValueExW

ws2_32

recv

oleacc

LresultFromObject

uxtheme

IsThemeBackgroundPartiallyTransparent

msimg32

AlphaBlend

oleaut32

VariantClear

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ok0
Size: 10.2MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ok1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ok2
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56741bfa3b2be3eabc72f4960bc932da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

shlwapi

comctl32

ole32

rpcrt4

advapi32

ws2_32

oleacc

uxtheme

msimg32

oleaut32

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 77KB - Virtual size: 268KB

.pdata Size: 152KB - Virtual size: 151KB

.ok0 Size: 10.2MB - Virtual size: 10.2MB

.ok1 Size: 6KB - Virtual size: 6KB

.ok2 Size: 2.9MB - Virtual size: 2.9MB

.rsrc Size: 176KB - Virtual size: 176KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 77KB - Virtual size: 268KB

.pdata
Size: 152KB - Virtual size: 151KB

.ok0
Size: 10.2MB - Virtual size: 10.2MB

.ok1
Size: 6KB - Virtual size: 6KB

.ok2
Size: 2.9MB - Virtual size: 2.9MB

.rsrc
Size: 176KB - Virtual size: 176KB