c0cd11b1a1f30dcbb31694e887195aa4e39aae9f108aa55f193f0edfc4b83149[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

c0cd11b1a1f30dcbb31694e887195aa4e39aae9f108aa55f193f0edfc4b83149.exe
Size

574KB
MD5

dd51ceba2a3c0ff30fa6fac4f727c50c
SHA1

453765e0daf994286bd73219edcd6f1ea90e1fbb
SHA256

c0cd11b1a1f30dcbb31694e887195aa4e39aae9f108aa55f193f0edfc4b83149
SHA512

bb76497f8d6b9a6e519512b36bc02ac55c4414d6047d81b49622e585ae617d93ffba9ba393013f712a134819b98241969e806eb94d3a89cc811c1e01d92b1bae
SSDEEP

6144:4G5acc4UubGLev55w9A/tN52IMI2CrC+Ey+23Pq/OaIU+BHoa8mSpPah8iTKp3hf:42lXJvzUAnUIMIvmM/6OID9SM6FDacBA

Score

1^/10

Malware Config

Signatures

Files

c0cd11b1a1f30dcbb31694e887195aa4e39aae9f108aa55f193f0edfc4b83149.exe
.exe windows:4 windows x86 arch:x86

ea5e67a7a61f9956e4601b8f30e3621c

Code Sign

d9:00:76:79:76:32:82:43:97:56:a0:d0:76:ab:3d:61:96:a9:ee:fd
Signer

Actual PE Digest

d9:00:76:79:76:32:82:43:97:56:a0:d0:76:ab:3d:61:96:a9:ee:fd

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
HeapCreate
IsBadCodePtr
IsBadWritePtr
GetTempPathW
SetFileTime
GetExitCodeProcess
GetCurrentThreadId
CompareFileTime
GetFileTime
FindClose
GetTickCount
EnumSystemCodePagesW
HeapFree
HeapAlloc
GetCommandLineW
GetCommandLineA
lstrcmpA
GetProcessHeap
GetVersionExA
GetACP
GetOEMCP
GetUserDefaultLangID
GetLocaleInfoA
GetStartupInfoA
CreateEventA
GetLastError
WaitForSingleObject
FreeLibrary
MulDiv
SetEvent
CloseHandle
GlobalLock
GlobalUnlock
Sleep
ExitProcess
GetTimeFormatA
GetTimeFormatW
GetDateFormatA
GetDateFormatW
CreateProcessA
CreateProcessW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
SearchPathA
SearchPathW
GetFullPathNameA
GetFullPathNameW
GetModuleHandleW
LoadLibraryA
LoadLibraryW
SetCurrentDirectoryA
SetCurrentDirectoryW
FindFirstFileA
FindFirstFileW
SetFileAttributesA
SetFileAttributesW
GetFileAttributesW
DeleteFileA
DeleteFileW
CreateFileA
CreateFileW
GetModuleFileNameA
GetModuleFileNameW
GetCurrentDirectoryA
GetCurrentDirectoryW
FindNextFileA
FindNextFileW
WideCharToMultiByte
GetWindowsDirectoryW
GetModuleHandleA
GetProcAddress
GetFileAttributesA
WriteFile
ReadFile
SetFilePointer
GetFileSize
lstrlenA
lstrlenW
MultiByteToWideChar
GlobalFree
HeapDestroy
GlobalAlloc
SetTimeZoneInformation
InterlockedIncrement
LocalFlags
GetProfileSectionA
SetConsoleOutputCP
AllocConsole
CreateRemoteThread
GetLongPathNameW
IsBadHugeReadPtr
SetConsoleActiveScreenBuffer
GetDefaultCommConfigA
LCMapStringW
Process32First
CreateDirectoryExA
VirtualQuery
ClearCommError
DisconnectNamedPipe
GetProfileStringW
WriteConsoleOutputAttribute
GlobalAddAtomA
GetEnvironmentVariableW
GetConsoleAliasExesW
SetUnhandledExceptionFilter
TlsFree
ConvertThreadToFiber
FindFirstChangeNotificationW
CreateDirectoryW
FindNextVolumeA
CreateThread
RtlFillMemory
HeapCompact
SetComputerNameW
DosDateTimeToFileTime
LocalAlloc
EnumCalendarInfoW
WritePrivateProfileStructW
VirtualAllocEx

user32

CreatePopupMenu
GetKeyState
DefFrameProcW
PostQuitMessage
ModifyMenuW
DestroyIcon
DestroyCursor
SetTimer
GetWindow
DefFrameProcA
CheckMenuItem
GetQueueStatus
GetKeyboardState
CheckMenuRadioItem
GetSystemMetrics
DrawMenuBar
DeleteMenu
GetSubMenu
LoadCursorA
GetKeyboardLayout
IsWindowVisible
GetClassNameW
GetClassNameA
SetWindowPos
SetScrollInfo
GetScrollInfo
ReleaseCapture
CallNextHookEx
MapVirtualKeyW
MapVirtualKeyA
UnhookWindowsHookEx
GetDlgItem
EndDialog
IsChild
RedrawWindow
MoveWindow
SetCapture
ActivateKeyboardLayout
SetForegroundWindow
GetForegroundWindow
SystemParametersInfoA
LoadMenuA
LoadMenuW
LoadAcceleratorsA
LoadAcceleratorsW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
CreateDialogParamW
CreateDialogParamA
DialogBoxParamW
DialogBoxParamA
EnumThreadWindows
WaitForInputIdle
BringWindowToTop
EnableWindow
CloseClipboard
GetClipboardData
OpenClipboard
MessageBeep
SetCursorPos
DrawTextW
DrawTextA
GetKeyboardLayoutList
EnumWindows
SetActiveWindow
GetActiveWindow
EndPaint
DrawFrameControl
BeginPaint
GetCapture
FrameRect
SetDlgItemInt
GetDlgItemInt
SetWindowsHookExA
CharUpperA
RegisterClipboardFormatA
HideCaret
SetMenuDefaultItem
IsClipboardFormatAvailable
SetCaretPos
SetClipboardData
EmptyClipboard
UnregisterClassA
UnregisterClassW
CreateCaret
DestroyCaret
ScrollWindow
ShowScrollBar
GetDoubleClickTime
GetMessageTime
GetUpdateRect
IntersectRect
InsertMenuA
InsertMenuW
AppendMenuA
AppendMenuW
SetDlgItemTextA
SetDlgItemTextW
SetWindowTextA
SetWindowTextW
FindWindowExA
FindWindowExW
CreateMDIWindowA
CreateMDIWindowW
CreateWindowExA
CreateWindowExW
RegisterClassA
RegisterClassW
ScreenToClient
TrackPopupMenu
GetSystemMenu
KillTimer
SetCursor
GetMenuStringA
GetMenuStringW
LoadStringA
LoadStringW
SendMessageW
IsDialogMessageA
IsDialogMessageW
TranslateAcceleratorA
TranslateAcceleratorW
DispatchMessageA
DispatchMessageW
PeekMessageA
PeekMessageW
GetMessageA
GetMessageW
GetDlgItemTextA
GetDlgItemTextW
GetWindowTextA
GetWindowTextW
GetWindowTextLengthA
GetWindowTextLengthW
SetWindowLongA
SetWindowLongW
GetWindowLongA
GetWindowLongW
SetClassLongA
SetClassLongW
GetClassLongA
GetClassLongW
GetKeyNameTextA
GetKeyNameTextW
DefWindowProcA
DefWindowProcW
InvalidateRect
UpdateWindow
ValidateRect
GetDC
GetClientRect
GetSysColorBrush
FillRect
DrawEdge
GetFocus
DrawFocusRect
DestroyMenu
DefMDIChildProcA
DefMDIChildProcW
SetFocus
ClientToScreen
EnableMenuItem
ShowWindow
TranslateMessage
ShowCaret
ModifyMenuA
IsWindowEnabled
GetSysColor
DrawStateA
ReleaseDC
IsWindowUnicode
CallWindowProcA
CallWindowProcW
GetDlgCtrlID
GetParent
PostMessageA
GetCursorPos
PtInRect
GetWindowRect
DestroyWindow
SendMessageA
MessageBoxW
DestroyAcceleratorTable
SetPropW
AllowSetForegroundWindow
EditWndProc
ChangeMenuA
GetClipCursor
EnumDisplaySettingsA
RemovePropW
DlgDirSelectExA
PaintDesktop
GetWindowInfo
CloseWindow
SetScrollPos
EnumDesktopWindows
CascadeWindows
CharToOemBuffA
GetWindowModuleFileName
RealGetWindowClassA
VkKeyScanA
SetPropA
GetMessageExtraInfo
IMPGetIMEA
GetMenuContextHelpId
GetWindowWord
IsWindow
BroadcastSystemMessage
ArrangeIconicWindows
GetWindowModuleFileNameW
GrayStringW
DdeInitializeW
SetRect
IsHungAppWindow
LoadCursorFromFileA

gdi32

PlayEnhMetaFile
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
CreateEnhMetaFileA
CreateDIBSection
GetBkMode
BitBlt
TextOutA
TextOutW
SetBkMode
SetBkColor
SetTextColor
GetObjectA
GetTextMetricsA
GetObjectW
GetTextMetricsW
CreateRectRgn
StartPage
EndPage
EndDoc
GetTextExtentPoint32W
GetTextAlign
SetTextAlign
ExtTextOutW
CreateBitmap
CreatePatternBrush
PatBlt
DeleteDC
CreateDCW
CreateDCA
GetDeviceCaps
GetStockObject
StartDocA
StartDocW
CreateFontIndirectA
CreateFontIndirectW
CreatePen
SelectObject
MoveToEx
LineTo
ExtTextOutA
DeleteObject
GdiEntry9
PolyTextOutW
EngQueryLocalTime
GdiAlphaBlend
GdiQueryTable
BRUSHOBJ_hGetColorTransform
GdiGetSpoolMessage
GetSystemPaletteEntries
SetBrushOrgEx
EngCopyBits
CreateICA
EnumEnhMetaFile
HT_Get8BPPMaskPalette
CreateDIBPatternBrush
UnrealizeObject
EngGradientFill
EngAlphaBlend
GetTextExtentExPointW
STROBJ_bEnumPositionsOnly
GetAspectRatioFilterEx
GdiDllInitialize
CLIPOBJ_ppoGetPath
SetEnhMetaFileBits
SetAbortProc
GetPixel
bInitSystemAndFontsDirectoriesW
SaveDC
GetKerningPairsW
XLATEOBJ_hGetColorTransform
EnumFontFamiliesA
ExtSelectClipRgn
SetDeviceGammaRamp
QueryFontAssocStatus
SelectPalette
GdiEntry5
GdiGetCodePage
AddFontResourceTracking
CreateFontIndirectExW
ColorCorrectPalette
GdiEntry2
GetEnhMetaFileA

comdlg32

PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
ChooseColorW
PrintDlgW
PrintDlgA
ChooseFontA
ChooseFontW
GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameW
ChooseColorA

advapi32

RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
RegEnumValueW
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW

shell32

ShellExecuteExW
SHChangeNotify
SHGetMalloc
DragAcceptFiles
ShellExecuteA
ShellExecuteW
DragQueryFileA
DragQueryFileW
DragFinish
SHBindToParent
ExtractAssociatedIconExA
SHGetIconOverlayIndexW
DragQueryPoint
CheckEscapesW
ExtractIconW
DoEnvironmentSubstW
SHGetDiskFreeSpaceExA
SHGetFileInfo
SHGetFolderPathA
DragQueryFileAorW
SHInvokePrinterCommandA
SHGetDataFromIDListA

ole32

ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleInitialize
OleUninitialize
DoDragDrop

imm32

ImmSetCompositionFontA
ImmSetCompositionFontW
ImmGetCompositionStringW
ImmEscapeW
ImmSetCandidateWindow
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata4
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata5
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea5e67a7a61f9956e4601b8f30e3621c

Code Sign

d9:00:76:79:76:32:82:43:97:56:a0:d0:76:ab:3d:61:96:a9:ee:fdSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

imm32

Sections

.text Size: 457KB - Virtual size: 456KB

.rdata4 Size: 512B - Virtual size: 483B

.rdata3 Size: 512B - Virtual size: 483B

.rdata2 Size: 512B - Virtual size: 483B

.rdata Size: 512B - Virtual size: 280B

.data Size: 111KB - Virtual size: 110KB

.rdata5 Size: 512B - Virtual size: 483B

.rsrc Size: 2KB - Virtual size: 1KB

d9:00:76:79:76:32:82:43:97:56:a0:d0:76:ab:3d:61:96:a9:ee:fd
Signer

.text
Size: 457KB - Virtual size: 456KB

.rdata4
Size: 512B - Virtual size: 483B

.rdata3
Size: 512B - Virtual size: 483B

.rdata2
Size: 512B - Virtual size: 483B

.rdata
Size: 512B - Virtual size: 280B

.data
Size: 111KB - Virtual size: 110KB

.rdata5
Size: 512B - Virtual size: 483B

.rsrc
Size: 2KB - Virtual size: 1KB