2c375c71c5b1e25841b8d9dda33cc5ca8e4d5a25f37cad615de14f2f464d00cf

Sharing

Copy URL Twitter E-mail

General

Target

2c375c71c5b1e25841b8d9dda33cc5ca8e4d5a25f37cad615de14f2f464d00cf
Size

2.2MB
MD5

6749039aff21c051bbbfa828c37e22e0
SHA1

399472c04e1c0b56e09c02718176831afcde14d5
SHA256

2c375c71c5b1e25841b8d9dda33cc5ca8e4d5a25f37cad615de14f2f464d00cf
SHA512

a561c0b8e15424b0279efad2be33c9cc327616bf08cf106af1d285e16b66bbe6dbcad43d93d28ce355546e6b3d5c2084fcfdc3705c293043fe5556673ebe1aa3
SSDEEP

49152:3gUZDgPbCDuTlNh2eRtlv1J9xm11EiqCAoYd9uGqQnm2riD2Y:3gqgwo12eRnbsnAor4mMiv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c375c71c5b1e25841b8d9dda33cc5ca8e4d5a25f37cad615de14f2f464d00cf

Files

2c375c71c5b1e25841b8d9dda33cc5ca8e4d5a25f37cad615de14f2f464d00cf
.exe windows x86

cebabf01bff168ba5a8760aed5f8f1d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

htons

rasapi32

RasHangUpA

kernel32

GetCurrentProcess

user32

SetWindowRgn

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

OleRun

oleaut32

UnRegisterTypeLi

comctl32

ord17

wininet

InternetCloseHandle

comdlg32

ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 740KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cebabf01bff168ba5a8760aed5f8f1d5

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

msvcrt

psapi

Sections

.text Size: 740KB - Virtual size: 1.6MB

.sedata Size: 1.5MB - Virtual size: 1.5MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 740KB - Virtual size: 1.6MB

.sedata
Size: 1.5MB - Virtual size: 1.5MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB

.sedata
Size: 4KB - Virtual size: 4KB