2c79774e483aa32f0c843c54c969ebbb

Sharing

Copy URL

Twitter E-mail

General

Target

2c79774e483aa32f0c843c54c969ebbb
Size

420KB
MD5

2c79774e483aa32f0c843c54c969ebbb
SHA1

755e48ebce368832ba5555689a8e33acf99b7ad5
SHA256

7defa94f30ed7b69b17a6aa88ba9e7e7c6c21322b47c2660b735c0da455bbecc
SHA512

2b1cbee8562996abf3de79ad1b844fc50ace990af2ab2bd3c03d85e9e8f43a64aa22f8500d0f23e985804a38fbb738ab1c4c03de883ce1f11cdebf61782d9b80
SSDEEP

12288:nJBY2MY2MM2MG2M42Mz2M8D5WonledTJ:nJBY2MY2MM2MG2M42Mz2M8solCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c79774e483aa32f0c843c54c969ebbb

Files

2c79774e483aa32f0c843c54c969ebbb
.exe windows:4 windows x86 arch:x86

3ca5ea8dfbc8bb15035b8ae89c92605a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
InitializeCriticalSection
DeleteCriticalSection
Sleep
CloseHandle
WriteFile
CreateFileA
LeaveCriticalSection
EnterCriticalSection
CreateThread
MultiByteToWideChar
WideCharToMultiByte
DeleteFileA
lstrcpyA
CreateProcessA
GetDiskFreeSpaceA
GetTempPathA
GetSystemDefaultLangID
GetUserDefaultLangID
GetPrivateProfileStringA
GetPrivateProfileIntA
FindClose
CompareStringA
GetSystemTime
GetACP
SetFilePointer
HeapReAlloc
GetCPInfo
IsBadCodePtr
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
IsBadReadPtr
HeapDestroy
GetFileType
HeapCreate
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
GetOEMCP
GetModuleFileNameA
UnhandledExceptionFilter
HeapAlloc
GetProcAddress
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEnvironmentVariableA
CompareStringW
LCMapStringW
FlushFileBuffers
LCMapStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
GetLastError
LoadLibraryA
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
GetTimeZoneInformation
FreeEnvironmentStringsA
GetLocalTime
GetVersion
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

user32

PostMessageA
wsprintfA
SetWindowTextA
MsgWaitForMultipleObjects
PeekMessageA
GetWindowLongA
TranslateMessage
DispatchMessageA
SendMessageA
EndDialog
SetWindowLongA
GetDesktopWindow
SetTimer
KillTimer
LoadStringA
DialogBoxParamA
GetDlgItem
MessageBoxA

ole32

CoTaskMemAlloc
OleInitialize
OleUninitialize
CoTaskMemFree

urlmon

IsValidURL

comctl32

ord17

wintrust

WinVerifyTrust

wininet

InternetOpenA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
InternetErrorDlg
HttpQueryInfoA
InternetCloseHandle
InternetReadFile
InternetConnectA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 57KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ca5ea8dfbc8bb15035b8ae89c92605a

Headers

File Characteristics

Imports

kernel32

user32

ole32

urlmon

comctl32

wintrust

wininet

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 216KB - Virtual size: 214KB

.data Size: 76KB - Virtual size: 128KB

.text Size: 57KB - Virtual size: 156KB

.data Size: 8KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 216KB - Virtual size: 214KB

.data
Size: 76KB - Virtual size: 128KB

.text
Size: 57KB - Virtual size: 156KB

.data
Size: 8KB - Virtual size: 8KB