2cdea7f4d2220b6e116354959131005437dca7695f7cf28b1c62234b9cc6e9c5

Sharing

Copy URL Twitter E-mail

General

Target

2cdea7f4d2220b6e116354959131005437dca7695f7cf28b1c62234b9cc6e9c5
Size

4.7MB
MD5

42141091d9e69dca9e1926c09ea1e7da
SHA1

5919807a0c9e00b468a04275c4799b4f411762a1
SHA256

2cdea7f4d2220b6e116354959131005437dca7695f7cf28b1c62234b9cc6e9c5
SHA512

14a561f36240d5da441bbd6acaafdbe8fd164358673592a8ce2d7813e3a0bcff70b461ca64e43f5e881133abdf7486cf8ad77da6a4f8b4c96be6b077bba2e84f
SSDEEP

98304:bZYoQxYfBKPbpBmQfbVDVMuB/SvAd/88Me/rw4XnZGWHcOcC06S6:bnQq5KjTmcVDVMuBqmbFXnUS0+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cdea7f4d2220b6e116354959131005437dca7695f7cf28b1c62234b9cc6e9c5

Files

2cdea7f4d2220b6e116354959131005437dca7695f7cf28b1c62234b9cc6e9c5
.exe windows x86

0fc3e1b8f70677c357b6bf34ecb14b18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hid

HidD_GetAttributes

setupapi

SetupDiGetClassDevsA

kernel32

GetEnvironmentStringsW

user32

RegisterClipboardFormatA

gdi32

GetTextExtentPoint32W

msimg32

TransparentBlt

winspool.drv

DocumentPropertiesA

advapi32

SystemFunction036

shell32

SHGetMalloc

shlwapi

PathFindFileNameA

uxtheme

GetThemeSysColor

ole32

RevokeDragDrop

oleaut32

SafeArrayGetDim

oledlg

ord9

gdiplus

GdipDrawImageRectI

oleacc

AccessibleObjectFromWindow

imm32

ImmGetContext

winmm

PlaySoundA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.textbss
Size: 3.4MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fc3e1b8f70677c357b6bf34ecb14b18

Headers

DLL Characteristics

File Characteristics

Imports

hid

setupapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

msvcrt

iphlpapi

psapi

Sections

.textbss Size: 3.4MB - Virtual size: 12.4MB

.sedata Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 81KB - Virtual size: 84KB

.sedata Size: 4KB - Virtual size: 4KB

.textbss
Size: 3.4MB - Virtual size: 12.4MB

.sedata
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 81KB - Virtual size: 84KB

.sedata
Size: 4KB - Virtual size: 4KB