2c8c2e2cc4d942c19350c8b6ec68df32

General

Target

2c8c2e2cc4d942c19350c8b6ec68df32
Size

54KB
MD5

2c8c2e2cc4d942c19350c8b6ec68df32
SHA1

a5ca91055593f1864a4e3a6d5dce9c03c7038f83
SHA256

6be24dbe9a34063ab37a9244e38f469e095f71855d430c49c7402b36a14ff13e
SHA512

580da0dcd5ea389e50a50c774e39850cfd41ec362d6c822f6dde691110ba56c79116b14cd7e06a9d11bede241cc2ff8bd6910f9d0449d79161d9e704bdb2bf2d
SSDEEP

768:ECkxk/Plxbum4ONvWKm3Ed1ZXEte7joEgntFgyr5fbWj44//9yZdrvtpnRjUEEjj:ZbtNvc3w1EnFzbWk2/yrps+p0eeF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8c2e2cc4d942c19350c8b6ec68df32

Files

2c8c2e2cc4d942c19350c8b6ec68df32
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

edd3b0ac233f932c90af3c4ab2627061

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

_lock
_onexit
_decode_pointer
__dllonexit
_invoke_watson
_controlfp_s
_crt_debugger_hook
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_XcptFilter
_exit
__getmainargs
_cexit
_except_handler4_common
_amsg_exit

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetProcessHeap
HeapSetInformation
GetCommandLineA
IsDebuggerPresent

icaconfs

ApplyConfigurationA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

edd3b0ac233f932c90af3c4ab2627061

Headers

DLL Characteristics

File Characteristics

Imports

msvcr80

kernel32

icaconfs

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 908B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 46KB - Virtual size: 48KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 908B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 46KB - Virtual size: 48KB