cbc583dfe071319adbb16df2e421c290N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cbc583dfe071319adbb16df2e421c290N.exe
Size

140KB
MD5

cbc583dfe071319adbb16df2e421c290
SHA1

6e41f0a13fc3bb1e628bbce913b82eee00920a85
SHA256

e7b8013f14a2a29114335f22b369a542ad83a5a43ec06e414e5d25f63e8c53b7
SHA512

9663a37af88828e54329ab809adc8ae6c1cca4d1fe7547dfd1bd4354d5e08c0d7b6cb31f5bd922933b9d7cb28d000d599c26e8f4cfa184495b4b9d08630dac87
SSDEEP

1536:gZbn7ok0CnNZJigiDLPpFsbe8LMeoJcr+7wA1TeaYJJ3DTxS03r/Hgtibt+zj5:xeCDLBFSTHocsBeLS03rv3bt+H5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbc583dfe071319adbb16df2e421c290N.exe

Files

cbc583dfe071319adbb16df2e421c290N.exe
.exe windows:4 windows x86 arch:x86

41f07b8701bf00586f27cecf8030f68d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

shlwapi

PathFileExistsA

kernel32

GetVersion
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetModuleFileNameA
GetTempPathA
GetLastError
CreateDirectoryA
DeleteFileA
GetTempFileNameA
CloseHandle
GetExitCodeProcess
CreateProcessA
GetVersionExA
lstrlenA
LocalAlloc
GetLocaleInfoA
SetFileAttributesA
GetFileAttributesA
Sleep
FindClose
FindNextFileA
FindFirstFileA
GetFileSize
CreateFileA
CopyFileA
TerminateProcess
SetEnvironmentVariableA
CreateSemaphoreA
GetTickCount
SetCurrentDirectoryA
SetLastError
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CompareStringA
CompareStringW
LocalFree
GetTimeZoneInformation
LoadLibraryA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetLocalTime
WideCharToMultiByte
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
ExitProcess
WriteFile
MultiByteToWideChar
ReadFile
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

GetAsyncKeyState

advapi32

RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegEnumKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41f07b8701bf00586f27cecf8030f68d

Headers

File Characteristics

Imports

setupapi

shlwapi

kernel32

user32

advapi32

shell32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB