2c6b75279ea27028b0ab8d89267d946d71351b1b12551916fea44de3768457b5

Sharing

Copy URL

Twitter E-mail

General

Target

2c6b75279ea27028b0ab8d89267d946d71351b1b12551916fea44de3768457b5
Size

11.9MB
MD5

dbc4c254ab5fd77f0be8a8a08261ca49
SHA1

4dfb89d495a3b568e7c2f1b36c69ca1cefaffc4d
SHA256

2c6b75279ea27028b0ab8d89267d946d71351b1b12551916fea44de3768457b5
SHA512

952b2f3238494895eb2de48c8005eb7489024361f4601590b1a9e62e8594698ab957ab292dfd7969d8234e03cfb480194f1b7dd37e814a23ecf19d3e39c67edf
SSDEEP

3072:c8X2oAKtZZy2m4zRwhIuGikP32xGe7pppppppppppppppppppppppppppppppppr:c8mKtDyv4lwh8W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c6b75279ea27028b0ab8d89267d946d71351b1b12551916fea44de3768457b5

Files

2c6b75279ea27028b0ab8d89267d946d71351b1b12551916fea44de3768457b5
.exe windows:5 windows x86

d764f3f341f36972429c441b893554c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocalTime
EnterCriticalSection
GetTickCount
HeapReAlloc
OpenFileMappingA
lstrlenW
WaitNamedPipeA
OpenWaitableTimerA
CreateMutexA
TlsGetValue
lstrlenW
GetProcAddress
CreateFileMappingA
GetStartupInfoW
WriteFile
GetModuleHandleA
DeleteFileW
GetStringTypeW
LoadLibraryExW
LoadLibraryW
lstrlenW
GetVersionExW

user32

LoadMenuW
InsertMenuW
GetDlgItemTextW
IsDialogMessageW
GetPropA
DispatchMessageA
IsCharLowerA
PeekMessageA
LoadIconW
GetClassLongA

rsaenh

CPDeriveKey
CPCreateHash
CPEncrypt
CPDecrypt

wtsapi32

WTSVirtualChannelWrite
WTSEnumerateProcessesA
WTSVirtualChannelPurgeInput
WTSSetUserConfigW
WTSQuerySessionInformationA
WTSWaitSystemEvent
WTSOpenServerW
WTSEnumerateSessionsW
WTSVirtualChannelClose
WTSVirtualChannelOpen
WTSQueryUserToken
WTSSendMessageA
WTSFreeMemory
WTSLogoffSession
WTSUnRegisterSessionNotification
WTSVirtualChannelQuery
WTSSetSessionInformationW

cmpbk32

PhoneBookFreeFilter
PhoneBookCopyFilter

modemui

InvokeControlPanel
drvSetDefaultCommConfigA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Init_Detection

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_MEM_READ

.zdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcrs
Size: 11.8MB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d764f3f341f36972429c441b893554c7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

rsaenh

wtsapi32

cmpbk32

modemui

cfgmgr32

Sections

.text Size: 96KB - Virtual size: 95KB

.jdata Size: 11KB - Virtual size: 11KB

.zdata Size: 1024B - Virtual size: 704B

.rcrs Size: 11.8MB - Virtual size: 1KB

.text
Size: 96KB - Virtual size: 95KB

.jdata
Size: 11KB - Virtual size: 11KB

.zdata
Size: 1024B - Virtual size: 704B

.rcrs
Size: 11.8MB - Virtual size: 1KB