2c046e87ac0b97e38da00c8a1bf18614

Sharing

Copy URL

Twitter E-mail

General

Target

2c046e87ac0b97e38da00c8a1bf18614
Size

381KB
MD5

2c046e87ac0b97e38da00c8a1bf18614
SHA1

52beba2be202afa2893ce5a29f9f392acd67d051
SHA256

5873c393bdfff165b27a8fa7d6eecc799b93e97fddb98ac0619254407519112e
SHA512

c8bae55e536a1663bd32fae75aefae7ca4e921ce3b4507b72d244d489d7b7ff406a1c20d2616734ee7a119fe40cebd7cccaa11107df8636a4ce7ceefc4aa337a
SSDEEP

6144:AJj869Hdv/Sj8393LCvREyroO4wMtiEzKg94Xe33MjBT2xnfhvZ1Gy7CH9nvSF:AhTHcw3lCZB9CRC2dpC8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c046e87ac0b97e38da00c8a1bf18614

Files

2c046e87ac0b97e38da00c8a1bf18614
.exe windows:5 windows x86 arch:x86

e4324dbaf5d10ae99457d4a09c068396

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WCSToMBEx
VkKeyScanExA
SetPropW
SetMessageQueue
GetTopWindow
ChangeMenuW
GetClipboardViewer
MessageBoxExA
ResolveDesktopForWOW
ExcludeUpdateRgn
ShowWindow
IsCharAlphaW
DestroyMenu
wvsprintfW
SendDlgItemMessageA
SetUserObjectSecurity
MapVirtualKeyW
CharLowerW
LoadStringW
CallNextHookEx
GetMonitorInfoA
SetCaretPos
SendMessageA
GetUserObjectInformationA
MapWindowPoints
KillTimer
GetReasonTitleFromReasonCode
MessageBoxIndirectW
LoadIconW
SetWindowsHookExA
GetMenuInfo
RegisterHotKey
SetWindowStationUser
ReuseDDElParam
GetDialogBaseUnits
GetDC
PaintMenuBar
RegisterShellHookWindow
SendNotifyMessageA
UnhookWindowsHook
GetRegisteredRawInputDevices
SendInput
SetWindowLongW
InvertRect
LoadIconA
SetMenu
GetWindowWord
EnableWindow
CtxInitUser32
GetParent
RemovePropW
GetProgmanWindow
LoadAcceleratorsW
GetNextDlgTabItem
SetClassLongA
CreateDesktopW
CharPrevExA
OpenWindowStationW
CalcMenuBar
IsDialogMessageA
DialogBoxIndirectParamA
DdeNameService
GetCursorPos
GetClassWord

kernel32

GetConsoleAliasExesLengthW
GetStartupInfoA
SetHandleInformation
SetConsoleMode
GetConsoleDisplayMode
SetProcessAffinityMask
GetDriveTypeW
PrepareTape
GetVolumePathNamesForVolumeNameA
InitializeCriticalSectionAndSpinCount
RemoveDirectoryW
GetOverlappedResult
FindActCtxSectionStringW
GetVolumeNameForVolumeMountPointW
TerminateThread
GetSystemDefaultLangID
GetExpandedNameA
OpenMutexA
FileTimeToLocalFileTime
WaitForSingleObject
GetSystemTimeAsFileTime
ExpungeConsoleCommandHistoryA
GetStringTypeExW
GlobalAddAtomA
DeleteVolumeMountPointW
WriteFile
SetConsoleKeyShortcuts
LoadLibraryA
SetThreadPriority
LoadModule
VirtualAlloc
CreateHardLinkA
LocalHandle
GetFileAttributesExW

advapi32

IsValidSecurityDescriptor
WmiQueryAllDataA
GetLocalManagedApplicationData
GetInheritanceSourceA
RegisterTraceGuidsA
MakeAbsoluteSD
LookupPrivilegeDisplayNameW
ElfBackupEventLogFileW
LookupPrivilegeValueA
GetServiceKeyNameA
DuplicateEncryptionInfoFile
UnregisterIdleTask
OpenTraceA
TraceMessageVa
CryptSignHashA
CryptAcquireContextW
ElfReadEventLogW
LsaOpenAccount
MD4Update
RegReplaceKeyW
InitiateSystemShutdownExA
AdjustTokenGroups
RegEnumKeyExA
SaferiChangeRegistryScope
SystemFunction026
ReadEncryptedFileRaw

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4324dbaf5d10ae99457d4a09c068396

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 139KB - Virtual size: 139KB

.data Size: 75KB - Virtual size: 550KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 139KB - Virtual size: 139KB

.data
Size: 75KB - Virtual size: 550KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B