c3cf71753df2b8f35884f4a732db93480f32c23baff703c27cce79a39dbd79b7

Sharing

Copy URL Twitter E-mail

General

Target

c3cf71753df2b8f35884f4a732db93480f32c23baff703c27cce79a39dbd79b7
Size

105KB
MD5

186d34bbceb1fa2f0f281bea1f01e832
SHA1

612e349cf1f5cfa5fcd477645a588816dc29a657
SHA256

c3cf71753df2b8f35884f4a732db93480f32c23baff703c27cce79a39dbd79b7
SHA512

81e582cbb1ce75fdaf9e41b4a99bdd56c7aec42fb2d8c302628f5e46fd47cf202e4031993a02b3f3a759267d28f67f5c9bb7779d8abeac07f79faf325be97719
SSDEEP

1536:x5oVKOJQshh2PfPzWydAEhucBg54NoAivKodqYGXU:x5oVKOJQshgPxiEhM4rcDqXU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3cf71753df2b8f35884f4a732db93480f32c23baff703c27cce79a39dbd79b7

Files

c3cf71753df2b8f35884f4a732db93480f32c23baff703c27cce79a39dbd79b7
.exe windows:4 windows x86 arch:x86

0117dc63e1f2159d2dea7d7eba68da6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
GetFileAttributesA
FindFirstFileExA
lstrcpyA
lstrcmpA
GetLastError
ReadFile
GetStdHandle
WaitForSingleObject
CreateProcessA
DuplicateHandle
GetCurrentProcess
CreatePipe
LoadLibraryA
GetModuleHandleA
LocalFree
LocalAlloc
FreeLibrary
DebugBreakProcess
Sleep
lstrcmpiW
GetProcAddress
MultiByteToWideChar
CreateThread
VirtualFreeEx
ReadProcessMemory
CreateRemoteThread
lstrcatW
lstrlenW
GetModuleFileNameW
LoadLibraryW
WriteProcessMemory
VirtualAllocEx
FormatMessageA
SetFilePointer
GetFileType
ExpandEnvironmentStringsA
ContinueDebugEvent
DebugSetProcessKillOnExit
DebugActiveProcess
ResumeThread
GetLogicalDrives
FlushInstructionCache
VirtualProtectEx
GetThreadContext
WaitForDebugEvent
SetEnvironmentVariableA
GetModuleFileNameA
GetSystemDirectoryA
lstrcatA
SetStdHandle
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
FlushFileBuffers
GetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
CreateFileA
CreateFileMappingA
MapViewOfFile
GetFileSize
FindFirstFileA
FindClose
UnmapViewOfFile
CloseHandle
lstrlenA
GetWindowsDirectoryA
lstrcmpiA
HeapFree
GetProcessHeap
HeapAlloc
OutputDebugStringW
HeapSize
TerminateProcess
HeapReAlloc
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
SetThreadContext
OutputDebugStringA

user32

EndDialog
DestroyWindow
PostQuitMessage
DialogBoxParamA
CharUpperA
SetWindowTextA
SendMessageA
CharLowerA
SystemParametersInfoA
GetWindowRect
SetWindowPos
SetForegroundWindow
GetDesktopWindow
MessageBoxA
LoadStringA
GetDlgItem
PeekMessageA

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegEnumKeyA
RegUnLoadKeyA
RegLoadKeyA
RegOpenKeyA
SetSecurityDescriptorDacl
RegCloseKey
RegQueryInfoKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor

shell32

SHGetPathFromIDListA
ord524
SHGetFolderLocation
SHBrowseForFolderA
SHGetMalloc

ole32

CoInitialize
CoUninitialize

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

shlwapi

StrCmpNIA
StrChrA
StrRChrA
StrRChrW

comctl32

InitCommonControlsEx

Sections

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0117dc63e1f2159d2dea7d7eba68da6c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

shlwapi

comctl32

Sections

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 65KB - Virtual size: 71KB

.rsrc Size: 34KB - Virtual size: 35KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 65KB - Virtual size: 71KB

.rsrc
Size: 34KB - Virtual size: 35KB