c0dcb73e5dbc47b05780193b25f9d26321b68ea484c435cf0cbdbc4716f94234N

Sharing

Copy URL Twitter E-mail

General

Target

c0dcb73e5dbc47b05780193b25f9d26321b68ea484c435cf0cbdbc4716f94234N
Size

112KB
MD5

f1ac847038af5690668192161c7d3740
SHA1

0c39732ac426dc8fd261e7b557c0d47fe2e9d0c4
SHA256

c0dcb73e5dbc47b05780193b25f9d26321b68ea484c435cf0cbdbc4716f94234
SHA512

4c810ffc5be09e5190eb0442e2ac884a8ad96064191e4a86e8f3ccfc0911da9cef707c36c017124b3ec032e04ee3ed6ff384d527a0de0254e2b6b97653a1f8ce
SSDEEP

3072:WRvEKVgTjQHC9l5eIctPF5Yb5qiNuHKMMiU1m9:WR7VksJPF5V6SKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0dcb73e5dbc47b05780193b25f9d26321b68ea484c435cf0cbdbc4716f94234N

Files

c0dcb73e5dbc47b05780193b25f9d26321b68ea484c435cf0cbdbc4716f94234N
.exe windows:4 windows x86 arch:x86

e837422256cc8662517da239511d6f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
QueryServiceStatus
OpenProcessToken
InitializeSecurityDescriptor
DeleteService
CloseServiceHandle

ole32

RevokeDragDrop
OleInitialize
OleFlushClipboard
GetConvertStg
CreateDataAdviseHolder
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoResumeClassObjects
CoGetMalloc
CoFileTimeNow
CoCreateInstance
CoCreateGuid
WriteFmtUserTypeStg

user32

SetFocus
OemToCharBuffA
MessageBoxIndirectA
LoadBitmapA
CreateMenu
CreateCursor
CharUpperA
CharToOemBuffA
CharPrevA

shell32

SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHBindToParent

shlwapi

PathIsRootA
PathFileExistsA
PathMatchSpecA
SHAutoComplete
StrStrIA
PathFindFileNameA
PathIsRelativeA

msvcrt

strlen
strchr
getenv
rand
memcpy
free
strstr

kernel32

lstrcpynA
lstrlenA
lstrcatA
Sleep
SetLastError
RaiseException
OpenFileMappingA
GetVersion
GetSystemTimeAsFileTime
GetLocalTime
ExitThread
EnumResourceTypesA
EnumResourceNamesA
CompareStringA
CloseHandle
lstrcmpA

Exports

Exports

Akc
Bgw
Bra
Csn
Cto
Iwj
Kee
Nwc
Pum
Qvu
Vkt
Ydm
Zsv

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e837422256cc8662517da239511d6f39

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 32KB - Virtual size: 36KB

.data Size: 25KB - Virtual size: 28KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 32KB - Virtual size: 36KB

.data
Size: 25KB - Virtual size: 28KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB