cf1addaebcc6f323bf012ceeb0842ce0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cf1addaebcc6f323bf012ceeb0842ce0N.exe
Size

496KB
MD5

cf1addaebcc6f323bf012ceeb0842ce0
SHA1

52775c081eafad6adf4392e5f35f14d093126aa7
SHA256

d4c73a887110a4abc37c7a906b4d8e760bc594278830b54d111c81be79c8cad0
SHA512

808620d08add54944d3cf639f311c382d21dcb92563e79136f681cf71774fd32bacf4533e9d84a0cc9dcb0b00c92a2e0157c8bd5046ca50e986e4e1446f2dc7b
SSDEEP

6144:SGkuuouMP3umWznhCXa4rC4a62jYZ4q1xLee+FqQUj+f:Sk/uMvu3MXa4tZzZZ1xC9FqQUI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf1addaebcc6f323bf012ceeb0842ce0N.exe

Files

cf1addaebcc6f323bf012ceeb0842ce0N.exe
.exe windows:5 windows x86 arch:x86

f3a362d86a93663bee3c4d726260401b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Projects\桌面工具\project_code\trunk\setupIzed\Release\Uninstall.pdb

Imports

kernel32

LoadResource
LockResource
FreeResource
CreateFileA
WriteFile
CloseHandle
MultiByteToWideChar
OutputDebugStringA
GlobalAlloc
GlobalFree
GetModuleFileNameA
GetPrivateProfileStringA
GetTempPathA
CreateThread
WaitForMultipleObjects
CreateToolhelp32Snapshot
Process32First
Process32Next
Sleep
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
LoadLibraryA
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
SizeofResource
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
HeapSize
ExitProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
LCMapStringW
LCMapStringA
RaiseException
RtlUnwind
GetCPInfo
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
GetTickCount
FindResourceA
GetLastError
ReadFile
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection

user32

GetWindowLongA
PostMessageA
FindWindowA
MessageBoxA
ShowWindow
wsprintfA
SetWindowLongA

shell32

ShellExecuteA

xcguid

XStatic_SetText
XEle_RedrawEle
XBtn_GetText
XBtn_SetCheck
XRadio_Create
XEle_GetWndClientRect
XBtn_SetText
XStatic_AdjustSize
XStatic_Create
XPic_Create
XWnd_GetHWnd
XWnd_RedrawWnd
XWnd_SetWindowSize
XWnd_ShowWindow
XBtn_SetImageDown
XBtn_SetImageStay
XImage_LoadResAdaptive
XBtn_SetImageLeave
XEle_EnableFocus
XEle_SetBkTransparent
XBtn_Create
XEle_ShowEle
XWnd_SetImage
XWnd_EnableBorderStrokeOuter
XWnd_EnableBorderStrokeInner
XWnd_SetCaptionHeight
XWnd_SetRoundSize
XWnd_CreateWindow
XWnd_CloseWindow
XEle_RegisterEventEx
XC_Malloc
XRunXCGUI
XInitXCGUI
XBtn_IsCheck
XCheck_Create
XProgBar_Create
XProgBar_EnablePercent
XProgBar_SetImage
XProgBar_SetImage2
XProgBar_SetPos
XImage_LoadRes

wininet

HttpQueryInfoA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

iphlpapi

GetAdaptersInfo

urlmon

URLDownloadToFileA

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3a362d86a93663bee3c4d726260401b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

xcguid

wininet

iphlpapi

urlmon

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 309KB - Virtual size: 308KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 309KB - Virtual size: 308KB

.reloc
Size: 12KB - Virtual size: 12KB