93515720942af23038f49ba8948deb8e74dbda56f646e60fb46c494d17369963N

Sharing

Copy URL Twitter E-mail

General

Target

93515720942af23038f49ba8948deb8e74dbda56f646e60fb46c494d17369963N
Size

13KB
MD5

1bdb5338d8b3cb1bde7d1f09f4d35df0
SHA1

a181dc61863a00b586d36fd0bf0691efb039646c
SHA256

93515720942af23038f49ba8948deb8e74dbda56f646e60fb46c494d17369963
SHA512

6beccf82d2d86d507fef49dfbfd3b08e91daf70b5c0a668e5e05fb59322dbe62f88c37a7ebd1c39bfa31be667769d6e0f963b6c56fbd01610ac054ef0bbf2317
SSDEEP

384:0u9aHjqAHxi+qLU6uzO7iFeH/bSp3WPmldD:zauAM+E8ebyzD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/uddisp.exe

Files

93515720942af23038f49ba8948deb8e74dbda56f646e60fb46c494d17369963N
.cab
uddisp.exe
.exe windows:5 windows x86 arch:x86

18980289926ade4d68201e3b0dee9fd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

uddisp.pdb

Imports

mfc42u

ord823
ord825

msvcrt

wcscmp
wcscpy
wcsncat
localtime
wcsftime
_CxxThrowException
_wcsicmp
swprintf
wcslen
__CxxFrameHandler
_vsnwprintf
_snwprintf
_wstrdate
_wstrtime
free
_wcsdup
wcscat
_c_exit
_exit
_XcptFilter
_cexit
exit
__winitenv
__wgetmainargs
_initterm
__setusermatherr
_controlfp
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler3
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
time

msvcp60

??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW

kernel32

FormatMessageW
LocalFree
SetFilePointer
WriteFile
FlushFileBuffers
GetSystemDefaultLCID
ExpandEnvironmentStringsW
MoveFileW
CopyFileW
CreateFileW
SetFileAttributesW
DeleteFileW
GetSystemDirectoryW
GetLastError
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
ConvertDefaultLocale
CloseHandle
MultiByteToWideChar
ReleaseMutex
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetWindowsDirectoryW
CreateMutexW

shell32

SHGetFolderPathW
SHSetLocalizedName

setupapi

SetupCommitFileQueueW
SetupDefaultQueueCallbackW
SetupCloseInfFile
SetupInitDefaultQueueCallback
SetupOpenFileQueue
SetupOpenInfFileW
SetupCloseFileQueue
SetupTermDefaultQueueCallback
SetupInstallFilesFromInfSectionW

oleaut32

SysAllocString

ole32

CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance

secur32

GetUserNameExW

msi

ord181

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18980289926ade4d68201e3b0dee9fd9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc42u

msvcrt

msvcp60

advapi32

kernel32

shell32

setupapi

oleaut32

ole32

secur32

msi

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1016B

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1016B