2ce72b609ca2c6476c0cf8337779b9b8c8cb25d858740d91a26c23f3e9102a0b

General

Target

2ce72b609ca2c6476c0cf8337779b9b8c8cb25d858740d91a26c23f3e9102a0b
Size

46KB
MD5

0e001d37c34f5eeb856d6e68077daaa2
SHA1

ee9c649275399a79e60138654adbbc4ec447ab7c
SHA256

2ce72b609ca2c6476c0cf8337779b9b8c8cb25d858740d91a26c23f3e9102a0b
SHA512

633e0617858c38e10f300f42c32abf7019560ef861698151fb0cfe540cb93b2d7ca1d1fd014159a9c6ae5c4b983d52f754933c766f383e69d32c3145382d5db7
SSDEEP

768:UiWX5fYUuzOEpe+3TGYxnOl+TkApekoDl:UiWpLuSEQATGYFOloZoDl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ce72b609ca2c6476c0cf8337779b9b8c8cb25d858740d91a26c23f3e9102a0b

Files

2ce72b609ca2c6476c0cf8337779b9b8c8cb25d858740d91a26c23f3e9102a0b
.exe windows:4 windows x86

62a61f72aa2ea72510267cef343edf61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
lstrcpyW
SetCurrentDirectoryW
GetModuleFileNameW
lstrcmpW
GetConsoleWindow
AllocConsole
CloseHandle
CreateProcessW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
SetStdHandle
SetFilePointer
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
FlushFileBuffers
HeapReAlloc
VirtualAlloc
CreateFileW
GetLastError
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
GetModuleFileNameA
GetStringTypeW

shell32

Shell_NotifyIconW

user32

DispatchMessageW
SetWindowTextW
LoadStringW
CreateWindowExW
UpdateWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
IsWindowVisible
TranslateMessage
SetForegroundWindow
PostQuitMessage
CreatePopupMenu
AppendMenuW
GetCursorPos
TrackPopupMenu
PostMessageW
DestroyMenu
LoadIconW
GetMessageW
ShowWindow

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62a61f72aa2ea72510267cef343edf61

Headers

File Characteristics

Imports

kernel32

shell32

user32

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 7KB - Virtual size: 7KB