2d51ff6ca0ea9f8604c75eb173ab94fb

General

Target

2d51ff6ca0ea9f8604c75eb173ab94fb
Size

284KB
MD5

2d51ff6ca0ea9f8604c75eb173ab94fb
SHA1

c22ac90a79c656691b2582120e11772392a109a8
SHA256

7e84777510589a3bbb22673ebbf796c1289ad9b110a5771fdf862e2ed8e18cbe
SHA512

2e160f7035a4b063b49e5be42ea04094e3a205461139226750f62e8d385d17510271d39bf09145327bf0f0326a322080130c99e37666b48d010080ad1384551b
SSDEEP

6144:VFo/KCKt33a23zWhOsFo/KCKt33a23fWhC:ziKCk3Ti9iKCk3TOo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d51ff6ca0ea9f8604c75eb173ab94fb

Files

2d51ff6ca0ea9f8604c75eb173ab94fb
.exe windows:4 windows x86 arch:x86

fc366f71965c63a6623679c9049b0085

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcpyA
GetEnvironmentVariableA
GetProcAddress
LoadLibraryA
lstrlenA
LocalFileTimeToFileTime
SystemTimeToFileTime
GetTickCount
GetTempPathA
Process32Next
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
HeapReAlloc
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc366f71965c63a6623679c9049b0085

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 244KB - Virtual size: 241KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 244KB - Virtual size: 241KB