15c2c3022d514e58e34ff271119cc4d5

Sharing

Copy URL

Twitter E-mail

General

Target

15c2c3022d514e58e34ff271119cc4d5
Size

291KB
MD5

15c2c3022d514e58e34ff271119cc4d5
SHA1

396658de3f8f923214e91d02ba41fe32449e0e8c
SHA256

9d75834b57da9461320ef5cc0ad9ce52e99da726ed9c78f9c92f8dead7522787
SHA512

f5c7b456b7607b63986a42f0dae1fd80ead89aa9398c97ce8265eb1564641f2f241ef11381e054c025bff538aa1afd168f099c6fca90bbbafff8f199b08fce22
SSDEEP

6144:dWEiklyQtYxftZw/M4qddpWZfmTPsPF4SihVQsA:DigfeZwFsOfO0tiEsA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c2c3022d514e58e34ff271119cc4d5

Files

15c2c3022d514e58e34ff271119cc4d5
.exe windows:4 windows x86 arch:x86

3cb1f92d465dba3560bd75fabefd4f0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
HeapSize
InterlockedDecrement
SetLastError
GetProcAddress
InterlockedIncrement
HeapReAlloc
Sleep
EnterCriticalSection
GetStdHandle
GetCurrentProcessId
TlsFree
FindFirstFileW
GetEnvironmentStrings
TlsGetValue
WriteFile
IsDebuggerPresent
SetConsoleActiveScreenBuffer
TlsSetValue
LeaveCriticalSection
GetLastError
VirtualFree
FreeEnvironmentStringsA
GetUserDefaultLCID
IsValidLocale
GetProcessShutdownParameters
GetProcessHeap
CreateWaitableTimerW
ResumeThread
ExitProcess
GetTickCount
FindFirstFileExW
TlsAlloc
HeapFree
GetCPInfo
GetModuleFileNameA
GetTimeFormatA
LoadLibraryA
QueryPerformanceCounter
GetACP
VirtualAlloc
ReadFile
EnumSystemLocalesA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCommandLineA
GetEnvironmentStringsW
GetLocaleInfoW
SetConsoleCtrlHandler
UnhandledExceptionFilter
InitializeCriticalSection
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentThread
CompareStringA
UnmapViewOfFile
GetDateFormatA
GetFileType
WriteConsoleOutputCharacterW
SetHandleCount
LCMapStringA
GetTimeZoneInformation
lstrcmp
GetLocaleInfoA
SetEnvironmentVariableA
LockResource
HeapDestroy
SetUnhandledExceptionFilter
GetOEMCP
GetTempPathA
InterlockedExchange
GetStringTypeA
GetStartupInfoA
FreeLibrary
LCMapStringW
DeleteCriticalSection
CompareStringW
IsValidCodePage
HeapCreate
HeapAlloc
MultiByteToWideChar
FileTimeToDosDateTime
GetVersionExW
GetVersionExA
VirtualQuery
GetModuleHandleA

advapi32

CryptCreateHash
CryptGetProvParam
RegQueryValueW
InitializeSecurityDescriptor
RegCreateKeyA
LookupAccountNameA
RegCloseKey
CryptGetDefaultProviderA
CryptHashData
CryptDecrypt
RegNotifyChangeKeyValue
CryptHashSessionKey
CryptSignHashA
RegLoadKeyA
CryptVerifySignatureA
CryptGenRandom
RegFlushKey
ReportEventA
LookupSecurityDescriptorPartsA
RegRestoreKeyA
CryptDestroyHash
GetUserNameW
RevertToSelf
RegDeleteKeyA
CryptVerifySignatureW

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cb1f92d465dba3560bd75fabefd4f0c

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 143KB - Virtual size: 143KB

.data Size: 140KB - Virtual size: 139KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 143KB - Virtual size: 143KB

.data
Size: 140KB - Virtual size: 139KB

.rsrc
Size: 7KB - Virtual size: 6KB