2cc037f27203573d121f276cca576832

Sharing

Copy URL Twitter E-mail

General

Target

2cc037f27203573d121f276cca576832
Size

1.2MB
MD5

2cc037f27203573d121f276cca576832
SHA1

86b383419094acc50083c355a4309be2d5d0bc95
SHA256

cf279995cfb43ef6459c87a9f00d8d00028ceef2be65dc73b64e8cd54365ed7f
SHA512

a8a4cb4853e49680c5dabd520ec3f545fb7212092b8d744b741fa89734354e6c4921e5108e71cf02af2b40a06b33cc71a5fab03a7032e4b7d6d43e4baa80ae26
SSDEEP

24576:X4bo8euICPrupQ7MC4GxNXw2YcG5W9s19G4/YUbEofTBWhbCc:Xmz4GxBw2TGOHKlWhuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cc037f27203573d121f276cca576832

Files

2cc037f27203573d121f276cca576832
.exe windows:4 windows x86 arch:x86

36b15fc1ccb19e80f0859d6e09751f05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ReadFile
OpenMutexA
GetEnvironmentStringsW
GetModuleHandleA
GetDiskFreeSpaceA
FreeEnvironmentStringsA
CompareStringA
GetProcessHeap
EnterCriticalSection
HeapSize
FreeEnvironmentStringsW
LCMapStringA
SetEnvironmentVariableA
GetCommandLineA
GetCurrentThreadId
GetStdHandle
UnhandledExceptionFilter
VirtualAlloc
TlsSetValue
Sleep
IsDebuggerPresent
GetSystemTimeAsFileTime
GetLocaleInfoA
HeapCreate
IsValidLocale
CreateFileA
InterlockedIncrement
GetConsoleOutputCP
LCMapStringW
LoadLibraryA
TlsAlloc
GetStringTypeW
LeaveCriticalSection
GetUserDefaultLCID
InterlockedDecrement
IsValidCodePage
SetFilePointer
GetStartupInfoA
TerminateProcess
RtlUnwind
EnumSystemLocalesA
GetConsoleCP
GetVersionExA
EnumDateFormatsExW
ExitProcess
GetCurrentThread
TlsFree
WideCharToMultiByte
SetConsoleCtrlHandler
GetCurrentProcess
GetCurrentProcessId
VirtualQuery
GetTimeFormatA
SetStdHandle
MultiByteToWideChar
SetUnhandledExceptionFilter
GetLocaleInfoW
GetLastError
CreateMutexA
InterlockedExchange
GetOEMCP
GetEnvironmentStrings
GetDateFormatA
HeapDestroy
HeapReAlloc
WriteConsoleA
SetHandleCount
WriteProfileStringA
FlushFileBuffers
GetTickCount
SetLastError
GetFileType
CompareStringW
FreeLibrary
HeapFree
GetDiskFreeSpaceExA
GetConsoleMode
DeleteCriticalSection
LockResource
GetCPInfo
QueryPerformanceCounter
GetTimeZoneInformation
GetProcAddress
TlsGetValue
WriteConsoleW
GetStringTypeA
GetACP
InitializeCriticalSection
HeapAlloc
GetModuleFileNameA
VirtualFree
CloseHandle

user32

ShowWindow
GetWindowThreadProcessId
SetParent
CreateWindowExA
MessageBoxW
RegisterClassA
CreateAcceleratorTableW
RegisterClassExA
InsertMenuW
GetTitleBarInfo
LoadImageA
GetIconInfo
TabbedTextOutA

comdlg32

FindTextA
ReplaceTextW
ChooseColorW

comctl32

InitCommonControlsEx

wininet

InternetGetCertByURLA
InternetTimeFromSystemTime
FindFirstUrlCacheEntryExW
InternetSetDialStateA
InternetSetOptionW

shell32

SheChangeDirExW

advapi32

LookupPrivilegeNameW
RegOpenKeyExW
CryptEncrypt
GetUserNameA

Sections

.text
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 806KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36b15fc1ccb19e80f0859d6e09751f05

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

wininet

shell32

advapi32

Sections

.text Size: 401KB - Virtual size: 401KB

.rdata Size: 25KB - Virtual size: 55KB

.data Size: 806KB - Virtual size: 804KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 401KB - Virtual size: 401KB

.rdata
Size: 25KB - Virtual size: 55KB

.data
Size: 806KB - Virtual size: 804KB

.rsrc
Size: 17KB - Virtual size: 17KB