2c045f83d489e91e6eca4f589da8aaa7

Sharing

Copy URL Twitter E-mail

General

Target

2c045f83d489e91e6eca4f589da8aaa7
Size

360KB
MD5

2c045f83d489e91e6eca4f589da8aaa7
SHA1

1fa38b71ea514a655be8a3be7a401503cabf79b9
SHA256

161af5443617148fdc73814d09808d0b0174fa9dc73ed4edcd62616783d97697
SHA512

777daa87551043c06ef0f08ba3a74878b1a9e4df89c1d1cdeef16c84794d9aaec2c62221e5b62b0601ad3160eadc5f45e34b57cfbe04f5ab0105ce91b34f0232
SSDEEP

6144:bzBDHBDM6TYBIH4/fUIn7RG3i/Jrto6rL6BTL96Epw/R2nWQIJj:bz9hhw/fR83iHoCQL96ECR2WjF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c045f83d489e91e6eca4f589da8aaa7

Files

2c045f83d489e91e6eca4f589da8aaa7
.exe windows:4 windows x86 arch:x86

f532de4c7c0a75fa8e73ae608c71b198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

gdi32

SetBkMode
GetCharWidthFloatA
GetSystemPaletteUse
GetFontLanguageInfo
UpdateColors
GetBkColor
EnumFontsW
GdiGetBatchLimit
SetAbortProc
OffsetViewportOrgEx
GetTextFaceA
CreateBitmap
CloseMetaFile
PtVisible
GetKerningPairsW
GetObjectA

wininet

ShowCertificate
RetrieveUrlCacheEntryFileA
FtpRemoveDirectoryA

user32

FlashWindow
GetWindowTextA
EnumWindowStationsA
RegisterClassW
DdeAddData
WinHelpA
IsWindowUnicode
RegisterClassExA
RegisterClassA
CreateWindowStationA
GetTitleBarInfo
DdeUninitialize
TrackPopupMenuEx
GetWindowWord
DeleteMenu
GetProcessDefaultLayout
InsertMenuW
TranslateAccelerator
GetWindowTextLengthW
DefWindowProcA
DragObject
ChangeMenuW
IsDialogMessage

kernel32

LCMapStringW
RtlUnwind
WriteConsoleW
GetCPInfo
SetConsoleCtrlHandler
HeapDestroy
ExitProcess
MultiByteToWideChar
LoadLibraryA
LCMapStringA
GetStringTypeW
InterlockedExchange
TlsFree
LocalReAlloc
SetEnvironmentVariableA
GetStdHandle
VirtualFree
TerminateProcess
GetCurrentThread
Sleep
GetModuleHandleA
GetDateFormatA
WriteConsoleA
GetCurrentThreadId
SetUnhandledExceptionFilter
IsValidLocale
GetStartupInfoA
InterlockedDecrement
GetModuleFileNameA
CompareStringA
IsValidCodePage
WriteFile
GetEnvironmentStrings
HeapAlloc
GetTickCount
CreateMutexA
GetACP
OpenMutexA
SetLastError
HeapCreate
GetConsoleOutputCP
SetHandleCount
ReadFile
GetTimeZoneInformation
CompareStringW
GetLocaleInfoW
SetStdHandle
GetProcAddress
GlobalReAlloc
DeleteCriticalSection
UnhandledExceptionFilter
TlsGetValue
VirtualAlloc
EnterCriticalSection
IsDebuggerPresent
VirtualQuery
LeaveCriticalSection
CreateFileA
InterlockedIncrement
GetLastError
GetCommandLineA
GetConsoleMode
FreeEnvironmentStringsA
GetFileType
WideCharToMultiByte
GetStringTypeA
QueryPerformanceCounter
GetVersionExA
FreeEnvironmentStringsW
EnumSystemLocalesA
TlsAlloc
HeapReAlloc
GetUserDefaultLCID
FreeLibrary
InterlockedExchangeAdd
GetCurrentProcess
GetTimeFormatA
InitializeCriticalSection
CloseHandle
TlsSetValue
HeapFree
SetFilePointer
GetOEMCP
GetEnvironmentStringsW
HeapSize
GetSystemTimeAsFileTime
GetProcessHeap
GetCurrentProcessId
GetLocaleInfoA
FlushFileBuffers
GetConsoleCP

advapi32

RegEnumKeyExA
RegSaveKeyW
AbortSystemShutdownA
CryptEncrypt
CryptSignHashW
InitiateSystemShutdownA
LookupAccountSidA
CryptGenRandom
RegDeleteKeyW
RegDeleteValueA
CryptSetProviderExA
RevertToSelf
CryptSetProviderExW
CryptEnumProviderTypesA
CryptCreateHash
CryptEnumProvidersA
InitializeSecurityDescriptor
RegEnumValueW
RegEnumKeyA
CryptContextAddRef
DuplicateTokenEx
RegSetKeySecurity
AbortSystemShutdownW
CryptDuplicateHash
CryptHashData

shell32

SHGetSpecialFolderLocation

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f532de4c7c0a75fa8e73ae608c71b198

Headers

File Characteristics

Imports

comctl32

gdi32

wininet

user32

kernel32

advapi32

shell32

Sections

.text Size: 163KB - Virtual size: 162KB

.rdata Size: 11KB - Virtual size: 31KB

.data Size: 177KB - Virtual size: 177KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 163KB - Virtual size: 162KB

.rdata
Size: 11KB - Virtual size: 31KB

.data
Size: 177KB - Virtual size: 177KB

.rsrc
Size: 7KB - Virtual size: 7KB