2cfad4d656be1a8b42a0c8a944eed765

General

Target

2cfad4d656be1a8b42a0c8a944eed765
Size

31KB
MD5

2cfad4d656be1a8b42a0c8a944eed765
SHA1

48dcb0caa46cd373837d529e1683c4a7dfb3ef20
SHA256

b4d049a61a1b97e996000e87855e68572b270ea6dd37105381affc1fffa1f746
SHA512

1a89d82c3e13329638f0cc0a0392aa5e028dceda745c38e1daf966a2f2a069bf8c1d2db7d2e7c06878d7225fca822cc36667288168f2ad74669c49a54ccd010a
SSDEEP

384:EcI5DWx7rFrMxfFBbW/vj6I6ep0yi9N4YgWF6RIFMjWAmDbTkJpaWLJ8iohS7+Ec:EccqCFBbIhJezEfIfvkGW92u+qz6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cfad4d656be1a8b42a0c8a944eed765

Files

2cfad4d656be1a8b42a0c8a944eed765
.exe windows:4 windows x86 arch:x86

123f5be69e67ce890045ed284275d4ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strchr
exit
strncmp
fopen
fwrite
fclose
_except_handler3
_strcmpi

kernel32

FindResourceA
GetCurrentProcess
GetStartupInfoA
ExitProcess
Module32First
GetShortPathNameA
SetLocalTime
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
OpenProcess
WinExec
_lclose
_lwrite
_lcreat
GetSystemDirectoryA
GetModuleFileNameA
LockResource
LoadResource
SizeofResource
CloseHandle
lstrlenA
GetLastError
CopyFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateFileA
DeleteFileA
GetCurrentDirectoryA
Sleep
TerminateProcess

advapi32

SetServiceStatus
CloseServiceHandle
RegOpenKeyExA
StartServiceCtrlDispatcherA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegisterServiceCtrlHandlerA
RegCloseKey
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA

shell32

ShellExecuteA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

123f5be69e67ce890045ed284275d4ca

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

advapi32

shell32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 57KB - Virtual size: 57KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 57KB - Virtual size: 57KB