2e261caaea1b0955cff57e0537ff28b9

General

Target

2e261caaea1b0955cff57e0537ff28b9
Size

46KB
MD5

2e261caaea1b0955cff57e0537ff28b9
SHA1

9c1d69c589c08647ecf82244b7934b1123f04917
SHA256

e2974361901c07f6cb71f2da3e29cbcff2837fb65b7823956562c640255898c1
SHA512

3f4afb9c1ad6b8120fdfd9ae4b242aca2553b2c2b20312f35b6d6e26a7f6ccbcaf12f9788b4690bf7bebb4ba2821b720332a4454a8491fb736da6ed781928aa0
SSDEEP

384:jPX8OXjy23xNuXXRRS9oYQKg09sIlfA2vtnavxyGNnREqFt+hPbbbby4X1:jP8OD9VQR0KItAEnCNnREq2Nbbbbyo1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e261caaea1b0955cff57e0537ff28b9

Files

2e261caaea1b0955cff57e0537ff28b9
.exe windows:5 windows x86 arch:x86

3738e90116b156995499c16c1a65ac76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netapi32

DsAddressToSiteNamesA
DsAddressToSiteNamesExA
DsAddressToSiteNamesExW
DsAddressToSiteNamesW
DsDeregisterDnsHostRecordsW
DsEnumerateDomainTrustsA
DsEnumerateDomainTrustsW
DsGetDcCloseW
DsGetDcNameA

oleaut32

OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx

ntprint

PSetupFreeDrvField
PSetupFreeMem

regapi

RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryW
RegCdCreateW
RegCdDeleteA
RegCdDeleteW
RegCdEnumerateA
RegCdEnumerateW
RegCdQueryA
RegCdQueryW
RegCloseServer
RegUserConfigRename
RegOpenServerA
RegPdEnumerateA

msvcrt

fopen
fread

kernel32

OutputDebugStringW
IsDebuggerPresent
ExitProcess
GetTickCount
GetACP
LoadLibraryA
FindVolumeClose
GetCommandLineA
GetWindowsDirectoryA

iashlpr

AllocateAttributes

sti

StiCreateInstance

msdart

??0CCritSec@@QAE@XZ
??0CDoubleList@@QAE@XZ

Sections

.text
Size: 7KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rSrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3738e90116b156995499c16c1a65ac76

Headers

File Characteristics

Imports

netapi32

oleaut32

ntprint

regapi

msvcrt

kernel32

iashlpr

sti

msdart

Sections

.text Size: 7KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 12KB

rSrc Size: 26KB - Virtual size: 26KB

.text
Size: 7KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 12KB

rSrc
Size: 26KB - Virtual size: 26KB