2f14a92abef253b9c5c2ce978fa0b949

General

Target

2f14a92abef253b9c5c2ce978fa0b949
Size

312KB
MD5

2f14a92abef253b9c5c2ce978fa0b949
SHA1

d003c807127e2696c1afdca22a2bfd6a5c711754
SHA256

c64fd1650e24e5435ff33e75a2cfa98a1f288636dc74b33980b7d0e37876cfe8
SHA512

bb88018557e7e1250c4cff69e5b619ecf62b416967122413178ef9b13bf1054d11f545466485cd5881e4f7f0219d032d48eadacc9f9b600c29eae40ac2b5f4d1
SSDEEP

6144:TuxWysqxconQ1qhJ1zJgCbldhRp21Bwrok++e9rsN8tuiRuMsC8:zSxcJ1qhzzJdJdhRpkw0kEJvuzMs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f14a92abef253b9c5c2ce978fa0b949

Files

2f14a92abef253b9c5c2ce978fa0b949
.exe windows:5 windows x86 arch:x86

851897b782035ccf6405b9099be2746d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegEnumValueW
RegEnumKeyExW

kernel32

WriteConsoleA
GetCommandLineA
VirtualProtect
GetModuleHandleA
GetThreadLocale
SetStdHandle
GetLocalTime
GetSystemTime
MultiByteToWideChar
RtlUnwind
WriteFile
RemoveDirectoryA
GetACP
lstrlenW
GlobalFree
FreeResource
FindClose
GlobalMemoryStatus
GetSystemTimeAsFileTime
UnmapViewOfFile
GetLastError
GetCurrentThreadId
HeapAlloc
GetOEMCP
GetCPInfo
SizeofResource
EnterCriticalSection
Sleep
SetConsoleCP
GetStartupInfoA
MapViewOfFile
lstrcatA
ExitProcess
CreateProcessA
UnhandledExceptionFilter
QueryPerformanceCounter
VirtualQuery
GlobalSize
CreateDirectoryW

msvcrt

_amsg_exit
??1type_info@@UAE@XZ
memcpy
_cexit
_XcptFilter
calloc

ole32

CoCreateInstance
StgSetTimes
CLSIDFromProgID
CoUninitialize

user32

GetMessageW
SetWindowPos
GetScrollInfo
GetWindow
SetWindowTextW

gdi32

GetObjectA
GetTextMetricsW
DeleteDC
IntersectClipRect
RealizePalette

lz32

LZClose

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

851897b782035ccf6405b9099be2746d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

ole32

user32

gdi32

lz32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 2KB - Virtual size: 11KB

.data Size: 252KB - Virtual size: 255KB

.reloc Size: 512B - Virtual size: 162B

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 2KB - Virtual size: 11KB

.data
Size: 252KB - Virtual size: 255KB

.reloc
Size: 512B - Virtual size: 162B