10c2efbefefeaa06ba81ffa76ecbe9e5

General

Target

10c2efbefefeaa06ba81ffa76ecbe9e5
Size

316KB
MD5

10c2efbefefeaa06ba81ffa76ecbe9e5
SHA1

e9c41512df5f58eecf19e99851293be8f8ae61ce
SHA256

42809e96663e7d6d494d93a346d0d91fd29748f512da98427f336ab40aa4e623
SHA512

e09701552a73d0d9afb3775cee075759a5ce370ad37e595f1df52ca8e83cdf99b1c6ab9c81e710ca7ac97d337945c19ad0d3b075ed2b6efcdcff2c8474bd41fa
SSDEEP

6144:HbEinz5o55oJZQibfIpznq/MSfd+R5cMgEP/K0D4:rOb6DUhnq/lYRy5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10c2efbefefeaa06ba81ffa76ecbe9e5

Files

10c2efbefefeaa06ba81ffa76ecbe9e5
.dll windows:4 windows x86 arch:x86

5f21161d10ab95ca7d68350f87f406ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

WriteFile
GetACP
GetFileAttributesA
VirtualAlloc
VirtualFree
GetFileType
CloseHandle
GetLastError
GetStdHandle
FormatMessageA
DebugBreak
RaiseException
FreeLibrary
SetLastError
GetCurrentThread
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetModuleFileNameA
VirtualQuery
MapViewOfFile
CreateFileMappingA
CreateFileA
GetModuleHandleA
ReadFile
SetEndOfFile
SetFilePointer
GetTempFileNameA
GetTempPathA
GetFullPathNameA
GetFileInformationByHandle
Sleep
DeleteFileA
WaitForSingleObject
GetVersionExA
SetThreadPriority
CreateProcessA
WideCharToMultiByte
FreeEnvironmentStringsW
SetErrorMode
SetConsoleCtrlHandler
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
TerminateProcess
RtlUnwind
GetEnvironmentVariableA
HeapDestroy
HeapCreate
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
SetStdHandle
GetEnvironmentStrings
GetEnvironmentStringsW
DisableThreadLibraryCalls
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers

Exports

Exports

LsodaR1
LsodaRinit1

Sections

.text
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f21161d10ab95ca7d68350f87f406ff

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 232KB - Virtual size: 228KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 44KB - Virtual size: 69KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 232KB - Virtual size: 228KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 44KB - Virtual size: 69KB

.reloc
Size: 16KB - Virtual size: 13KB