2cf69e279305cd392709cd3403fcb1dd87c2ff62e553d36e361c4f55cfeeeb71

Sharing

Copy URL Twitter E-mail

General

Target

2cf69e279305cd392709cd3403fcb1dd87c2ff62e553d36e361c4f55cfeeeb71
Size

13.1MB
MD5

f31a452c3e09e5a3ab0fb0519a93d3c9
SHA1

e2b9db97332f84d8e2c2e7a57b7dc9929fee3ce0
SHA256

2cf69e279305cd392709cd3403fcb1dd87c2ff62e553d36e361c4f55cfeeeb71
SHA512

6326fdeb46a1f0a217a323ed6062c2fbf510293b3a25160fc8ae54e91b6fc171f4de3d70df39ed52d9359beb486e5433fb51eb1bf6794b79d65b7d73c116932a
SSDEEP

393216:pn5+3f8CBKv8J5iPfVL03t4v97UD0xeF9kWM:pn6HBKvI5i3VI3gwD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cf69e279305cd392709cd3403fcb1dd87c2ff62e553d36e361c4f55cfeeeb71

Files

2cf69e279305cd392709cd3403fcb1dd87c2ff62e553d36e361c4f55cfeeeb71
.exe windows:6 windows x64

fd867d283c8335cc9c03060aaa4c760d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

Sections

.text
Size: - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdebug_
Size: - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdebug_
Size: - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdebug_
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_g
Size: - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdebug_
Size: - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdebug_
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdebug_
Size: - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vu}
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.symtab
Size: - Virtual size: 108KB

IMAGE_SCN_MEM_READ

.S_{
Size: - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.$/W
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cW9
Size: 13.1MB - Virtual size: 13.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd867d283c8335cc9c03060aaa4c760d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: - Virtual size: 623KB

.rdata Size: - Virtual size: 736KB

.data Size: - Virtual size: 431KB

.pdata Size: - Virtual size: 16KB

.xdata Size: - Virtual size: 156B

.zdebug_ Size: - Virtual size: 297B

.zdebug_ Size: - Virtual size: 133KB

.zdebug_ Size: - Virtual size: 25KB

.debug_g Size: - Virtual size: 48B

.zdebug_ Size: - Virtual size: 446KB

.zdebug_ Size: - Virtual size: 128KB

.zdebug_ Size: - Virtual size: 46KB

.idata Size: - Virtual size: 1KB

.vu} Size: - Virtual size: 12KB

.symtab Size: - Virtual size: 108KB

.S_{ Size: - Virtual size: 6.9MB

.$/W Size: 2KB - Virtual size: 2KB

.cW9 Size: 13.1MB - Virtual size: 13.1MB

.reloc Size: 512B - Virtual size: 240B

.text
Size: - Virtual size: 623KB

.rdata
Size: - Virtual size: 736KB

.data
Size: - Virtual size: 431KB

.pdata
Size: - Virtual size: 16KB

.xdata
Size: - Virtual size: 156B

.zdebug_
Size: - Virtual size: 297B

.zdebug_
Size: - Virtual size: 133KB

.zdebug_
Size: - Virtual size: 25KB

.debug_g
Size: - Virtual size: 48B

.zdebug_
Size: - Virtual size: 446KB

.zdebug_
Size: - Virtual size: 128KB

.zdebug_
Size: - Virtual size: 46KB

.idata
Size: - Virtual size: 1KB

.vu}
Size: - Virtual size: 12KB

.symtab
Size: - Virtual size: 108KB

.S_{
Size: - Virtual size: 6.9MB

.$/W
Size: 2KB - Virtual size: 2KB

.cW9
Size: 13.1MB - Virtual size: 13.1MB

.reloc
Size: 512B - Virtual size: 240B