Static task: static1
Behavioral task: behavioral1 (Sample: 2ce846554abb27d489ac574365ad147c.exe, Resource: win7-20231215-en)
Behavioral task: behavioral2 (Sample: 2ce846554abb27d489ac574365ad147c.exe, Resource: win10v2004-20231215-en)
General
Target
2ce846554abb27d489ac574365ad147c
Size
275KB
MD5
2ce846554abb27d489ac574365ad147c
SHA1
344dea4414f7b518a01c1567493cc5e58545aca5
SHA256
bdc036d57318cf2aaa54b0d5ae5efc8bfe6608428efaa53adb59bd63291a1c05
SHA512
f86ce562b944fa04033494480c28ed77baf7a147d6e170705c3cc2b02036ce7b0236def0cf73eb6aac5368a991b0fe87779984f2328684f9e62d73051f172fe8
SSDEEP
3072:TCcGM4rbApMnzrjmMaRcWYD0ZiEWCIhVGtaESDyC0JoOaey4QmYDyBAXo2:ecWbjzHmhwD0Y3hVvx0JdK6w1o2
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2ce846554abb27d489ac574365ad147c
Files
2ce846554abb27d489ac574365ad147c.exe windows:4 windows x86 arch:x86
b1bfd23a5f9de3e4e5cd8b42b6f7d5af
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
CheckEscapesW
ShellAboutA
SHAddToRecentDocs
wininet
IsUrlCacheEntryExpiredA
InternetAlgIdToStringA
InternetCrackUrlA
CreateUrlCacheEntryW
InternetCombineUrlA
SetUrlCacheGroupAttributeA
HttpSendRequestW
InternetGoOnlineW
HttpAddRequestHeadersW
HttpSendRequestA
DetectAutoProxyUrl
GopherCreateLocatorW
UrlZonesDetach
SetUrlCacheEntryGroupW
advapi32
LookupPrivilegeDisplayNameW
RegConnectRegistryW
CryptVerifySignatureA
LogonUserA
CryptSetProviderW
RegCreateKeyExW
AbortSystemShutdownA
DuplicateToken
RegSetKeySecurity
RegOpenKeyW
RegReplaceKeyA
RegDeleteValueW
RegQueryMultipleValuesW
RegQueryValueA
RegSetValueW
RegReplaceKeyW
LogonUserW
RegQueryInfoKeyW
CryptGetHashParam
gdi32
GetOutlineTextMetricsA
GetGlyphOutline
SetPaletteEntries
GdiPlayScript
SetEnhMetaFileBits
GetClipBox
CreateBitmapIndirect
EndPage
GetMetaRgn
SetColorAdjustment
CreateRectRgnIndirect
PolyDraw
AddFontResourceA
CreateBrushIndirect
kernel32
GetSystemTime
TerminateProcess
HeapDestroy
HeapFree
GetLocaleInfoA
CreateNamedPipeW
GetTickCount
IsValidLocale
GetEnvironmentStringsW
GetProcessHeap
HeapAlloc
VirtualQuery
GetVersionExA
GetStartupInfoW
SetEvent
EnumSystemLocalesA
InterlockedDecrement
GetFullPathNameA
GetDateFormatA
GetFileType
CompareStringW
IsDebuggerPresent
lstrcat
HeapReAlloc
InitializeCriticalSection
WideCharToMultiByte
CompareStringA
GetStringTypeA
GetEnvironmentStrings
LCMapStringW
ExitProcess
GetCurrentProcessId
VirtualAlloc
UnhandledExceptionFilter
LoadLibraryA
SetUnhandledExceptionFilter
GetModuleFileNameA
WriteFile
SetLastError
GetOEMCP
MultiByteToWideChar
GetTimeFormatA
GetLocaleInfoW
GetACP
HeapCreate
TlsSetValue
GetStdHandle
TlsAlloc
GetCommandLineW
GetModuleFileNameW
GetCalendarInfoW
GetCurrentProcess
GetTimeZoneInformation
IsValidCodePage
GetCurrentThreadId
InterlockedIncrement
FreeEnvironmentStringsW
GetCurrentThread
DeleteCriticalSection
SetHandleCount
GetSystemTimeAsFileTime
GetProcAddress
InterlockedExchange
Sleep
TlsGetValue
GetCPInfo
TlsFree
GetStartupInfoA
GetUserDefaultLCID
FlushFileBuffers
LCMapStringA
GetStringTypeW
SetEnvironmentVariableA
FreeLibrary
QueryPerformanceCounter
GetLastError
SetComputerNameA
GetCommandLineA
FreeEnvironmentStringsA
GetModuleHandleA
RtlZeroMemory
VirtualFree
SetConsoleCtrlHandler
LeaveCriticalSection
RtlUnwind
HeapSize
EnterCriticalSection
comdlg32
FindTextW
LoadAlterBitmap
GetSaveFileNameW
PageSetupDlgW
PageSetupDlgA
PrintDlgA
Sections
.text Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ