10c19680c272bad4565f6b69f0818e2c

Sharing

Copy URL Twitter E-mail

General

Target

10c19680c272bad4565f6b69f0818e2c
Size

1.8MB
MD5

10c19680c272bad4565f6b69f0818e2c
SHA1

cb2ba6601d9113551edbfbafb17e08e13092846c
SHA256

cf220fd53af885a88e160ef58a21e020754379e66f47d3a1f1780c93f9e64fd8
SHA512

1cfd19bacda916b8f67b202c26c3be79d2ccf44860e2db2693a105379d5c55555c7fe686cd1ede75996088a72d71e3554055878b55983ddecbc5e4c68d320e85
SSDEEP

24576:uMKLGS5tgvx9cXWzJN+2z0Iiao6+Hr9fEwXMeDsIMwTZad/6XExB9m0hYqwjS6xQ:iN5Cb0Ifo3L9fEbbwT+/Nm1qOS672

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10c19680c272bad4565f6b69f0818e2c

Files

10c19680c272bad4565f6b69f0818e2c
.exe windows:4 windows x86 arch:x86

f77e9449a59c93d2bf7b9a8d1ed594a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA

kernel32

GetModuleHandleA
GetCurrentProcessId
GetCommandLineA
GetTickCount
GetVersion
GetCurrentThread
GetLastError
GetCurrentThreadId
ExitProcess
HeapAlloc
GetProcessHeap
GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
SizeofResource
SetStdHandle
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
MapViewOfFile
RaiseException
WideCharToMultiByte
GetCommandLineW
LockResource
GetEnvironmentStrings
RemoveDirectoryA
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
LCMapStringW
CreateFileA
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
WaitForMultipleObjects
FindFirstFileW
CompareStringA
FindFirstFileA
lstrcmpA
CompareStringW
GetSystemInfo
GetProcAddress
DeleteFileW
GetEnvironmentVariableA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
WriteConsoleW
GetLocaleInfoA
SetEndOfFile
WriteConsoleA
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetTimeZoneInformation
LocalFree
SetEvent
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetCPInfo
FreeEnvironmentStringsW
LocalAlloc
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapFree
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
GetStdHandle

user32

SetCursor
GetClientRect
SendMessageA
InvalidateRect
SystemParametersInfoA
GetSysColor
MessageBoxA
EndDialog
GetDesktopWindow
LoadCursorA
GetDlgItem
DispatchMessageA
SetWindowTextA
SetWindowLongA
SetCapture
GetSystemMetrics
DefWindowProcA
BeginPaint
SetFocus
GetSubMenu
CreateWindowExA
GetWindowLongA
EnableMenuItem
TranslateMessage
ShowWindow
DestroyWindow
GetKeyState
ReleaseDC
GetDC
EndPaint
SetWindowPos
PostQuitMessage
SetForegroundWindow

Sections

.text
Size: 1.7MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f77e9449a59c93d2bf7b9a8d1ed594a9

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 1.7MB - Virtual size: 2.1MB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 10KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 1.7MB - Virtual size: 2.1MB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 32KB - Virtual size: 31KB