ce67686d81b39d8127a0d6b1cda32012fcd8fa5f3abe4f1eeda4dfb7a4755c99

Sharing

Copy URL

Twitter E-mail

General

Target

ce67686d81b39d8127a0d6b1cda32012fcd8fa5f3abe4f1eeda4dfb7a4755c99
Size

315KB
MD5

9dea7138f0c68110576063c0e1491347
SHA1

5cd536a3b1af269e52b348dce2c0c42eea86f718
SHA256

ce67686d81b39d8127a0d6b1cda32012fcd8fa5f3abe4f1eeda4dfb7a4755c99
SHA512

20462dd3b2bcdd2f23095b741a1b8712b444e1755f623453ed722504d0249a6dd6a54521a1c0e040ccb7ce50dc0334b40e8e7c198b06a732a0bff09bc39a9789
SSDEEP

6144:HNI3k4a6QU6jVFLPlQfnIrmZBP5tOMYQOzX2oQkzeuNu1j1:CFa5nVJeBPbvrT1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce67686d81b39d8127a0d6b1cda32012fcd8fa5f3abe4f1eeda4dfb7a4755c99

Files

ce67686d81b39d8127a0d6b1cda32012fcd8fa5f3abe4f1eeda4dfb7a4755c99
.exe windows:10 windows x86 arch:x86

950fc7329fc208d7ee3ddc2a83bb8693

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsTextUnicode
GetTraceEnableLevel
GetTraceLoggerHandle
GetTraceEnableFlags
UnregisterTraceGuids

kernel32

CreateDirectoryW
SizeofResource
LocalAlloc
GetFileAttributesW
SetFileAttributesW
GetLastError
LockResource
DeleteFileW
HeapSetInformation
LoadResource
LocalFree
FreeLibrary
CopyFileW
LoadLibraryExW
HeapCreate
HeapFree
HeapAlloc
HeapDestroy
GetProcessHeap
FormatMessageW
GetFullPathNameW
EnumResourceTypesW
WriteFile
EnumResourceNamesW
CreateFileW
GetVersionExW
UnmapViewOfFile
CloseHandle
EnumResourceLanguagesW
LoadLibraryW
FindResourceExW
UpdateResourceW
GetProcAddress
GetModuleHandleW
BeginUpdateResourceW
CreateFileMappingW
MapViewOfFile
ReadFile
GetFileSizeEx
MultiByteToWideChar
GlobalUnlock
_lclose
GetTempFileNameW
_lread
MoveFileExW
GlobalLock
GlobalFree
_llseek
GetTempPathW
SetLastError
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
OutputDebugStringA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
_lwrite
CompareStringA
VirtualAlloc
GetModuleHandleA
GetFileType
TlsFree
TlsSetValue
GetFileSize
TlsGetValue
SetFilePointer
LoadLibraryA
FindClose
TlsAlloc
OpenFileMappingA
DeleteTimerQueueTimer
CreateFileMappingA
ExitProcess

msvcrt

_cexit
__p__fmode
__setusermatherr
_initterm
?terminate@@YAXXZ
_lock
_unlock
__dllonexit
_onexit
memcpy
memset
??1type_info@@UAE@XZ
_controlfp
bsearch
__wgetmainargs
exit
_amsg_exit
__p__commode
_XcptFilter
__set_app_type
_CxxThrowException
_callnewh
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
__CxxFrameHandler
wcsncpy
__iob_func
_errno
wcsncmp
towupper
_wcsnicmp
wcsstr
strncmp
strtoul
wcschr
toupper
towlower
_vsnwprintf
malloc
free
fwprintf
vfwprintf
wcsrchr
_purecall
wcstoul
_wcsicmp
_exit
memcmp

user32

CharLowerW
GetCursorPos
ReplyMessage
GetDCEx
ClientToScreen

ntdll

RtlAllocateHeap
RtlFreeHeap
RtlUnwind

gdi32

PolylineTo
Polyline
SetArcDirection
BitBlt

oleaut32

SafeArrayAllocDescriptor

ole32

CoTreatAsClass
OleDuplicateData
CoTaskMemRealloc
CoTaskMemAlloc

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

950fc7329fc208d7ee3ddc2a83bb8693

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

ntdll

gdi32

oleaut32

ole32

Sections

.text Size: 217KB - Virtual size: 216KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 217KB - Virtual size: 216KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 9KB - Virtual size: 8KB