ca185e88602d0fef3b9a1d93d6289bf5e1a669f0ec8fcdfbed3285db81a7fea7

Sharing

Copy URL Twitter E-mail

General

Target

ca185e88602d0fef3b9a1d93d6289bf5e1a669f0ec8fcdfbed3285db81a7fea7
Size

6.0MB
MD5

4e68146a4dc9737a6df220fed4d59c77
SHA1

88e3ec2421fc5178cdebdf4136ab84edacd23ba2
SHA256

ca185e88602d0fef3b9a1d93d6289bf5e1a669f0ec8fcdfbed3285db81a7fea7
SHA512

1d00aec1d1607cadfadf8a9e7c1f0ca482eb5cde26d784f5d84d47424f665d73467ee02ed05a4ad9225a9f78dae4d15a279b74f4c04ddcb35e483cf8c7a91bcf
SSDEEP

196608:xUIIhzFVMKNUqIvFuUw6vFkcj5o6doMYInY:5IhzFVMKNUnvFJpjiEtY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca185e88602d0fef3b9a1d93d6289bf5e1a669f0ec8fcdfbed3285db81a7fea7

Files

ca185e88602d0fef3b9a1d93d6289bf5e1a669f0ec8fcdfbed3285db81a7fea7
.exe windows:6 windows x86 arch:x86

d5779d198469a86b50f628055fa0ad06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
LCMapStringW
GetCPInfo
GetACP
IsValidCodePage
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
TlsFree
TlsSetValue
TerminateProcess
GetCurrentProcess
FlushFileBuffers
GetConsoleMode
SetStdHandle
SetFilePointerEx
CloseHandle
GetCommandLineW
CreateThread
TlsAlloc
FreeEnvironmentStringsW
GetOEMCP
CreatePipe
GlobalFree
HeapSize
RaiseException
GlobalUnlock
GetOverlappedResult
GetTimeZoneInformation
GetEnvironmentStringsW
WriteConsoleW
WideCharToMultiByte
GetConsoleCP
ReadConsoleW
GetModuleHandleW
SetHandleInformation
SetEndOfFile
GetLocaleInfoA
TlsGetValue
GlobalMemoryStatus
DeleteCriticalSection
GetModuleHandleA
SetEnvironmentVariableA
RtlUnwind
GetModuleFileNameW
CreateProcessA
CreateEventA
GetCurrentThread
LoadLibraryExW
Sleep
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
HeapFree
HeapAlloc
GetProcessHeap
SetLastError
GetCurrentThreadId
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateFileW

user32

SetCursor
ScreenToClient
PostQuitMessage
IsIconic
DrawTextW
DrawIconEx
SendMessageA
GetDC
SetPropA
BringWindowToTop
SetScrollPos
CheckDlgButton
FindWindowExW
RemoveMenu
RegisterClassW
SetWindowTextA
EnableWindow
GetDlgItemTextA
ToUnicode
EndDeferWindowPos
SetDlgItemTextA
SetParent
GetKeyboardLayout
SetClassLongA
DrawStateW
GetSysColor
ReleaseCapture
DestroyMenu
DestroyIcon
DispatchMessageA

gdi32

ExtCreatePen
MoveToEx
BitBlt
Arc
GetCharWidthW
GetMetaFileBitsEx
ExcludeClipRect
GetWinMetaFileBits
CreatePalette
GetRegionData
CreatePenIndirect
CombineRgn
CreateCompatibleBitmap
GetCharWidth32W
SetPolyFillMode
GetDIBColorTable
GetNearestPaletteIndex
CreateRectRgn
GetCharWidth32A
GetTextExtentPointA
CreateDIBitmap
GetPixel
GetStockObject
ExtTextOutA
CreateEnhMetaFileW
EqualRgn
SetMetaFileBitsEx
SetViewportOrgEx
LineTo
ExtFloodFill
SelectClipRgn
Rectangle

advapi32

RegEnumKeyA
SetSecurityDescriptorOwner
RegDeleteValueA
CopySid

shell32

CommandLineToArgvW

Sections

.text
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5779d198469a86b50f628055fa0ad06

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 355KB - Virtual size: 355KB

.data Size: 5.7MB - Virtual size: 5.7MB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 355KB - Virtual size: 355KB

.data
Size: 5.7MB - Virtual size: 5.7MB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 7KB - Virtual size: 6KB