c43b07d651f5569ba80d98ae5b87d230N

Sharing

Copy URL Twitter E-mail

General

Target

c43b07d651f5569ba80d98ae5b87d230N
Size

858KB
MD5

c43b07d651f5569ba80d98ae5b87d230
SHA1

cfb7fd5eeb856f9f09dd4a557c99b3e5f96e9819
SHA256

41db3549adec5d8eb64ee66191e7308d0150ccf3f1323f46f2cb2c94c53820c6
SHA512

93a574d9d19f87c6fe3633f52f866c066121cb922f1ed0b2cd1104be282a31d84a9e36a331b79aee69e5a53bb97ae762cd5556baf4f104dd05f027a3225c6ce1
SSDEEP

12288:s/CMok7MYsK74kmx0gLSSh7jsY20HezEjwKzqn:mKk7Ml9jegLeYvH4IWn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c43b07d651f5569ba80d98ae5b87d230N

Files

c43b07d651f5569ba80d98ae5b87d230N
.exe windows:4 windows x86 arch:x86

1ff011c2e13ea492fe69b2fbfc802083

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cbs\build\02d651b0-a4ed-1015-905b-e2ff11aaef4a\in\OpenAL\AL_Installer\Release\oalinst.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetFileAttributesA
GetProcAddress
LoadLibraryA
FreeResource
SizeofResource
LoadResource
FindResourceA
ReadFile
SetEndOfFile
GetLocaleInfoW
HeapSize
IsValidCodePage
IsValidLocale
DeleteFileA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
SetStdHandle
InterlockedExchange
RemoveDirectoryA
CreateDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
CopyFileA
GetTempFileNameA
LockResource
MoveFileExA
GetTimeZoneInformation
CompareStringA
CompareStringW
EnumSystemLocalesA
VirtualAlloc
GetLastError
HeapFree
HeapAlloc
MoveFileA
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetEnvironmentVariableA
HeapReAlloc
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
LCMapStringA
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
SetConsoleCtrlHandler
FreeLibrary

user32

LoadCursorA
RegisterClassExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
PostQuitMessage
LoadIconA
SetClassLongA
LoadImageA
CreateWindowExA
SendMessageA
BeginPaint
GetClientRect
MoveWindow
DrawTextA
EndPaint
DefWindowProcA

gdi32

CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ff011c2e13ea492fe69b2fbfc802083

Headers

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

advapi32

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 704KB - Virtual size: 704KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 704KB - Virtual size: 704KB