0c2e0095207566a39a044f414ae4d96e

General

Target

0c2e0095207566a39a044f414ae4d96e
Size

76KB
MD5

0c2e0095207566a39a044f414ae4d96e
SHA1

2f220ad0b5649784e2b81c60613227fa62565678
SHA256

762bfc97e220987144e102622ced7467c901761ae566e0187eefa1f3df5cdf13
SHA512

23734646001e9d36b46cbb5b18982376e844424471bd85cb34e020fcd99faf5181bcaff83271d03a2736cebe44e90d115c96ce329ea5681d09f31221e2fbe430
SSDEEP

1536:zzqlMFfAQ+h/Bti2tHzGKQQLSmbSikQY1q6FNLEz6liV1eo:ClMWQYHJHkQY46LL0V1eo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c2e0095207566a39a044f414ae4d96e

Files

0c2e0095207566a39a044f414ae4d96e
.exe windows:4 windows x86 arch:x86

d54b54b2a19ea82585eeee5a387367a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
CloseHandle
CreateFileA
GetTempPathA
lstrcatA
GetSystemDirectoryA
GetWindowsDirectoryA
lstrcpyA
MoveFileExA
DeleteFileA
FindFirstFileA
GetTempFileNameA
WinExec
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
WriteFile
LoadResource
SizeofResource
LockResource

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyA

mfc42

ord939
ord5683
ord800
ord4129
ord941
ord537
ord924
ord825

msvcrt

__set_app_type
__p__fmode
__p__commode
__setusermatherr
_initterm
_acmdln
exit
_XcptFilter
_exit
_except_handler3
_onexit
__dllonexit
_mkdir
_errno
memset
_EH_prolog
__CxxFrameHandler
time
srand
_controlfp
__getmainargs
_adjust_fdiv

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rebld_r
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rebld_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d54b54b2a19ea82585eeee5a387367a9

Headers

File Characteristics

Imports

kernel32

advapi32

mfc42

msvcrt

shell32

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 212B

.rsrc Size: 60KB - Virtual size: 58KB

.rebld_r Size: 1KB - Virtual size: 1KB

.rebld_i Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 212B

.rsrc
Size: 60KB - Virtual size: 58KB

.rebld_r
Size: 1KB - Virtual size: 1KB

.rebld_i
Size: 1KB - Virtual size: 1KB