2cdbc5c997e240042df77b34c601afd484b49bd4e1e595cfb5544694c6db94e9

Sharing

Copy URL Twitter E-mail

General

Target

2cdbc5c997e240042df77b34c601afd484b49bd4e1e595cfb5544694c6db94e9
Size

145KB
MD5

4d3d1b018a8f5e9e0384ef978697f16e
SHA1

5bf360e9941cb8930464d09001506ace0ab083ab
SHA256

2cdbc5c997e240042df77b34c601afd484b49bd4e1e595cfb5544694c6db94e9
SHA512

927c179baa9dd9b1f0eab4f3a27be286a0579c9eb6c51014acb0a69a3063eec427c7fa4dd84ada0c00ef0eb991b438a341f2b3107bf98abb9415a24215ea7860
SSDEEP

3072:pqXCWOwN5iQNGcahf4DSOv4oT9lwi++IcXA3h5VzN:0C0N5bGrp4DS+4alC+IAOzN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cdbc5c997e240042df77b34c601afd484b49bd4e1e595cfb5544694c6db94e9

Files

2cdbc5c997e240042df77b34c601afd484b49bd4e1e595cfb5544694c6db94e9
.dll windows x64

87706a280ebe6e701bc5b5fedee7050c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetLastError
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileSectionA
GetPrivateProfileSectionA
WritePrivateProfileStringA
WideCharToMultiByte
FindClose
FindFirstFileA
CloseHandle
Sleep
CreateFileA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
SetLastError
TerminateProcess
HeapFree
GetProcessHeap
GetCurrentThreadId
GetTickCount
FormatMessageA
lstrlenA
LocalAlloc
LocalFree
SetFilePointer
SetStdHandle
FlushFileBuffers
WriteConsoleA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
WriteConsoleW
GetStringTypeA
GetLocaleInfoA
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
IsValidCodePage
GetOEMCP
GetACP
GetStartupInfoA
GetFileType
RtlLookupFunctionEntry
RtlUnwindEx
GetSystemTimeAsFileTime
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
RaiseException
RtlPcToFileHeader
HeapReAlloc
FlsSetValue
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeZoneInformation
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
WriteFile
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
GetStdHandle
SetHandleCount
GetConsoleOutputCP

user32

wsprintfA

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

oleaut32

SysAllocString
VariantClear
VariantTimeToSystemTime
SysFreeString

Exports

Exports

CrtConnect
CrtDisconnect
CrtGetCertificatesList
CrtGetExpirationDate
CrtInitialize
CrtShutdown

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87706a280ebe6e701bc5b5fedee7050c

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 7KB - Virtual size: 16KB

.pdata Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 7KB - Virtual size: 16KB

.pdata
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 2KB