cc3a4bdd5e862400d8faa26fd28561a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cc3a4bdd5e862400d8faa26fd28561a0N.exe
Size

392KB
MD5

cc3a4bdd5e862400d8faa26fd28561a0
SHA1

9eafd9ec77fbd82db941132d288165c0755f80d7
SHA256

7acb402d420f1296dc3ce864677adb07aec964fbfc668bef7c859b74af919ddc
SHA512

7c12fc7e7d6d672a8ce43992287b9465e7bc092c6940154ac0eb67e978a42ea449d192561d0427ebe72b14e6117bd996cd9e36a8110690e0f9c6dc06af26ecc2
SSDEEP

12288:3a3G5AJSRtmv9H69WXbLxjC0aNtoSF8Sp/R:hCSPkHZb9j9UWoZp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc3a4bdd5e862400d8faa26fd28561a0N.exe

Files

cc3a4bdd5e862400d8faa26fd28561a0N.exe
.exe windows:5 windows x86 arch:x86

8d26b481f69a237eb7a7058caea17912

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

??4istrstream@@QAEAAV0@ABV0@@Z
??1ios@@UAE@XZ
??1stdiobuf@@UAE@XZ
??0istream@@IAE@ABV0@@Z
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
?cerr@@3Vostream_withassign@@A
?getline@istream@@QAEAAV1@PADHD@Z
?write@ostream@@QAEAAV1@PBDH@Z
?clear@ios@@QAEXH@Z
??_Gostream_withassign@@UAEPAXI@Z
?floatfield@ios@@2JB
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
??0strstreambuf@@QAE@PADH0@Z
??4strstream@@QAEAAV0@AAV0@@Z
??4istream@@IAEAAV0@ABV0@@Z
?is_open@ofstream@@QBEHXZ
??0fstream@@QAE@ABV0@@Z
?pbackfail@stdiobuf@@UAEHH@Z
?unsetf@ios@@QAEJJ@Z
?egptr@streambuf@@IBEPADXZ
??0exception@@QAE@ABV0@@Z
?get@istream@@QAEAAV1@AAD@Z
??0strstream@@QAE@ABV0@@Z
?lockc@ios@@KAXXZ
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
??0fstream@@QAE@PBDHH@Z
?tellg@istream@@QAEJXZ
??1istream_withassign@@UAE@XZ
?setrwbuf@stdiobuf@@QAEHHH@Z
??_8ostream@@7B@
?pbase@streambuf@@IBEPADXZ
?gbump@streambuf@@IAEXH@Z
?overflow@stdiobuf@@UAEHH@Z
?pcount@ostrstream@@QBEHXZ
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
?is_open@fstream@@QBEHXZ
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
?open@filebuf@@QAEPAV1@PBDHH@Z
??_Eistream_withassign@@UAEPAXI@Z
?get@istream@@IAEAAV1@PADHH@Z
?setbuf@ifstream@@QAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJJ@Z
??0ofstream@@QAE@PBDHH@Z
?ebuf@streambuf@@IBEPADXZ
??0ofstream@@QAE@ABV0@@Z
_mtunlock
??0Iostream_init@@QAE@XZ
?write@ostream@@QAEAAV1@PBEH@Z
??_Eios@@UAEPAXI@Z
??_Dstrstream@@QAEXXZ
?put@ostream@@QAEAAV1@E@Z
??_Difstream@@QAEXXZ
?getline@istream@@QAEAAV1@PACHD@Z
??5istream@@QAEAAV0@AAO@Z
?fd@filebuf@@QBEHXZ
?bitalloc@ios@@SAJXZ
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z
?out_waiting@streambuf@@QBEHXZ
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
?writepad@ostream@@AAEAAV1@PBD0@Z
?width@ios@@QAEHH@Z
??6ostream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
?close@filebuf@@QAEPAV1@XZ
??5istream@@QAEAAV0@AAC@Z
?get@istream@@QAEAAV1@PACHD@Z
?putback@istream@@QAEAAV1@D@Z
?is_open@ifstream@@QBEHXZ
??1ostream_withassign@@UAE@XZ
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
??0filebuf@@QAE@HPADH@Z
?setg@streambuf@@IAEXPAD00@Z
??0istrstream@@QAE@ABV0@@Z
?fail@ios@@QBEHXZ
??5istream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??_7stdiobuf@@6B@
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??0ostream@@QAE@PAVstreambuf@@@Z
?setf@ios@@QAEJJ@Z
??7ios@@QBEHXZ
??0ostrstream@@QAE@ABV0@@Z

kernel32

GetLocaleInfoA
VDMOperationStarted
AddConsoleAliasA
SetVolumeMountPointW
GlobalUnlock
SetFileValidData
InterlockedIncrement
QueryDosDeviceA
GetDateFormatW
_lwrite
OpenSemaphoreA
GetNumaNodeProcessorMask
NlsGetCacheUpdateCount
FindActCtxSectionGuid
LoadLibraryA
EnumSystemLanguageGroupsA
GetProcessShutdownParameters
OpenMutexW
FileTimeToLocalFileTime
_lclose
QueueUserWorkItem
GetSystemTimeAsFileTime
CreateIoCompletionPort
GlobalMemoryStatus
VirtualAlloc
FindResourceExW
WriteConsoleA
GetProcessHeap
GetSystemDefaultLangID
GetConsoleInputExeNameW
GetPrivateProfileSectionNamesW
GetBinaryTypeW
InterlockedFlushSList
RtlMoveMemory
BaseInitAppcompatCacheSupport
GetConsoleTitleA
EnumSystemCodePagesA
LocalFree

gdi32

GdiGradientFill
EngCheckAbort
RoundRect
GdiQueryTable
SelectObject
SetWorldTransform
SetBitmapBits
GdiEntry7
GetBitmapAttributes
SetTextColor
PATHOBJ_vEnumStart
DdEntry36
GdiAddGlsRecord
gdiPlaySpoolStream
PlayMetaFileRecord
ExcludeClipRect
GdiEntry2
DdEntry45
OffsetRgn
CopyMetaFileA
FONTOBJ_vGetInfo
RemoveFontResourceA
ColorMatchToTarget
GetCharWidth32A
EngCreateBitmap
CreateFontIndirectExA
GetBrushAttributes
SetWindowExtEx
ExtEscape
GetEnhMetaFilePixelFormat
EngGetCurrentCodePage
SetMetaRgn
CreateICW
GdiEntry13

query

?GetProperties@CDbProperties@@UAGJKQBUtagDBPROPIDSET@@PAKPAPAUtagDBPROPSET@@@Z
?SetBSTR@CStorageVariant@@QAEXPAGI@Z
?Init@CPidLookupTable@@QAEHPAVPRcovStorageObj@@@Z
??0CMachineAdmin@@QAE@PBGH@Z
?SetI2@CStorageVariant@@QAEXFI@Z
??0CGenericCiProxy@@QAE@AAVCSharedNameGen@@KK@Z
?GetR8@CAllocStorageVariant@@QBENI@Z
?GetBlob@CMemDeSerStream@@UAEXPAEK@Z
?SetLPSTR@CStorageVariant@@QAEXPBDI@Z
BeginCacheTransaction
??1CPhraseRestriction@@QAE@XZ
??1CPropertyStoreWids@@QAE@XZ
?GetNumber@CQueryScanner@@QAEHAAKAAH@Z
??1CLangList@@QAE@XZ
?Write@CDynStream@@QAEXPAXK@Z
?Release@CQueryUnknown@@UAGKXZ
??1CFileMapView@@QAE@XZ
?GetProperties@CGetDbProps@@QAEXPAUIDBProperties@@K@Z
?IsRunningAsSystem@CImpersonateSystem@@SGHXZ
?IsScopeValid@@YGJPBGIH@Z
?MakeISearch@@YGJPAPAUISearchQueryHits@@PAVCDbRestriction@@PBG@Z
?EnumerateValues@CRegAccess@@QAEXPAGAAVCRegCallBack@@@Z
??0CCiAdminParams@@QAE@PAVCLangList@@@Z
?StrLen@CKeyBuf@@QBEIXZ
??0CSynRestriction@@QAE@ABVCKey@@KKKH@Z
?UnMarshall@CDbColId@@QAEHAAVPDeSerStream@@@Z
?Resume@CProcess@@QAEXXZ
??0CStandardPropMapper@@QAE@XZ
?SetNumberOfColumns@CCatState@@QAEXI@Z
?ReadProperty@CPropStoreManager@@QAEHKKAAUtagPROPVARIANT@@@Z
??0CTimeLimit@@QAE@KK@Z
?GetNumber@CQueryScanner@@QAEHAA_KAAH@Z
?VT_VARIANT_GT@@YGHABUtagPROPVARIANT@@0@Z
?ParseExpression@CParseCommandTree@@QAEPAVCRestriction@@PAVCDbCmdTreeNode@@@Z
?GetCGIVariable@CWebServer@@QAEHPBDAAV?$XArray@G@@AAK@Z
?SetValue@CPropertyRestriction@@QAEXPAU_GUID@@@Z
?Accept@CQueryScanner@@QAEXXZ
?Grow@CDynStream@@QAEXAAVPStorage@@K@Z

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d26b481f69a237eb7a7058caea17912

Headers

DLL Characteristics

File Characteristics

Imports

msvcirt

kernel32

gdi32

query

Sections

.text Size: 186KB - Virtual size: 186KB

.rdata Size: 149KB - Virtual size: 149KB

.data Size: 48KB - Virtual size: 542KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 186KB - Virtual size: 186KB

.rdata
Size: 149KB - Virtual size: 149KB

.data
Size: 48KB - Virtual size: 542KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB