19e29c4408e7734cffd36f254a83fbb5463d65d651dfdcd52f74a129a69f3036N[.]cab

Sharing

Copy URL

Twitter E-mail

General

Target

19e29c4408e7734cffd36f254a83fbb5463d65d651dfdcd52f74a129a69f3036N.cab
Size

360KB
MD5

6cc213e3b0fe3a95f58883272f07fb30
SHA1

5d3c974fa8ec88dfd6e5fa92aed569bbedaee9ff
SHA256

19e29c4408e7734cffd36f254a83fbb5463d65d651dfdcd52f74a129a69f3036
SHA512

49c2eca8d72636d343d5d4de6d52ef9dc0660496f7f61df4c88da5d442f35b201cceda00ed5aa3bdebc8ac56797260d558e48912377c2ed68872a4bc09b254fc
SSDEEP

6144:2OFmelWCD6R2mCDHMDO7oNPSfyC4NfQHNrCbHMNBCL9VBrkknlnwfo5womNFk3h8:5QYkYmuMiUNjC4hQHys2WklnwfoiomHD

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/urdG51OK22.exe
unpack001/wrhf66hI61.exe

Files

19e29c4408e7734cffd36f254a83fbb5463d65d651dfdcd52f74a129a69f3036N.cab
.cab
urdG51OK22.exe
.exe windows:5 windows x86 arch:x86

bb33faca3c22fdf70d184f78a5e234f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
FindFirstVolumeMountPointW
ReleaseMutex
ReadConsoleInputA
VerifyVersionInfoW
GetCPInfoExW
CreateEventW
SetLocaleInfoA
GetProcAddress
GlobalAlloc
DeleteFileW
EnumResourceTypesA
LoadLibraryW
GetBinaryTypeA
LocalSize
WriteProfileStringA
GetComputerNameExW
GetConsoleAliasW
WriteProfileSectionW
GetStringTypeExA
SetSystemPowerState
SetVolumeMountPointA
EnumResourceLanguagesA
GetComputerNameW
EnumTimeFormatsW
GetSystemDirectoryA
DeleteVolumeMountPointA
GetModuleHandleA
FatalAppExitW
FreeUserPhysicalPages
WritePrivateProfileStringW
FindNextFileA
FoldStringW
GetShortPathNameA
GetFileInformationByHandle
EnumCalendarInfoW
LocalAlloc
UnhandledExceptionFilter
RtlCaptureContext
GetLastError
LoadLibraryA
DecodePointer
EncodePointer
DeleteFileA
MoveFileA
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
ExitProcess
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
RtlUnwind
SetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
LCMapStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
WriteConsoleW
IsProcessorFeaturePresent
ReadFile
HeapSize
CloseHandle
CreateFileW

gdi32

GetBoundsRect

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wrhf66hI61.exe
.exe windows:5 windows x86 arch:x86

bb33faca3c22fdf70d184f78a5e234f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
FindFirstVolumeMountPointW
ReleaseMutex
ReadConsoleInputA
VerifyVersionInfoW
GetCPInfoExW
CreateEventW
SetLocaleInfoA
GetProcAddress
GlobalAlloc
DeleteFileW
EnumResourceTypesA
LoadLibraryW
GetBinaryTypeA
LocalSize
WriteProfileStringA
GetComputerNameExW
GetConsoleAliasW
WriteProfileSectionW
GetStringTypeExA
SetSystemPowerState
SetVolumeMountPointA
EnumResourceLanguagesA
GetComputerNameW
EnumTimeFormatsW
GetSystemDirectoryA
DeleteVolumeMountPointA
GetModuleHandleA
FatalAppExitW
FreeUserPhysicalPages
WritePrivateProfileStringW
FindNextFileA
FoldStringW
GetShortPathNameA
GetFileInformationByHandle
EnumCalendarInfoW
LocalAlloc
UnhandledExceptionFilter
RtlCaptureContext
GetLastError
LoadLibraryA
DecodePointer
EncodePointer
DeleteFileA
MoveFileA
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
ExitProcess
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
RtlUnwind
SetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
LCMapStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
WriteConsoleW
IsProcessorFeaturePresent
ReadFile
HeapSize
CloseHandle
CreateFileW

gdi32

GetBoundsRect

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 186KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb33faca3c22fdf70d184f78a5e234f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 127KB - Virtual size: 1.4MB

.rsrc Size: 44KB - Virtual size: 44KB

bb33faca3c22fdf70d184f78a5e234f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 186KB - Virtual size: 1.4MB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 127KB - Virtual size: 1.4MB

.rsrc
Size: 44KB - Virtual size: 44KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 186KB - Virtual size: 1.4MB

.rsrc
Size: 44KB - Virtual size: 44KB