2c08c21989ecd5859c85a6c12bcaaea4

Sharing

Copy URL Twitter E-mail

General

Target

2c08c21989ecd5859c85a6c12bcaaea4
Size

208KB
MD5

2c08c21989ecd5859c85a6c12bcaaea4
SHA1

f0837edfbd379ba26022a2b584a41497e4209348
SHA256

cdf68a9a1f87c1f7134181e77063ecaccde6da7e3ee33fafb78a830d1813084a
SHA512

db12c423a55a0336cca36474783eaf6a3d2d1c763e76e655446ada9b58254a0a036b2d138f66dc7cbeda340c8f0718a3d662ff5c35ee65b8c1cc955d155b6731
SSDEEP

3072:MnmB+knvAH5wRwu9DnVRWshGSMv4OS1ftwU5VQVPDXL:Mw6sfWqIOltwU5VQl7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c08c21989ecd5859c85a6c12bcaaea4

Files

2c08c21989ecd5859c85a6c12bcaaea4
.exe windows:4 windows x86 arch:x86

f8d430f2935e6ff2a68a3489d9b14311

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
SetLastError
WriteFile
GetFileTime
CopyFileExW
ReadConsoleW
ReadConsoleA
Sleep
GetComputerNameA
DeleteFileW
CreateDirectoryA
OpenFile
ExitThread
CreateThread
CopyFileW
GetConsoleMode
GetCPInfo
GetFileSize
GetLastError
FindFirstFileA
DeleteFileA
GetStdHandle
FindAtomA
GetFileTime
ReadConsoleW
FindFirstFileA
CopyFileW
FindAtomA
ExitThread
GetStdHandle
ReadFile
CopyFileExW
SetLastError
CreateThread
OpenFile
GetCommandLineA
ReadConsoleA
GetFileSize
GetCPInfo
DeleteFileA
GetLastError
GetComputerNameA
CopyFileA
DeleteAtom
CreateDirectoryA

user32

DrawIcon
IsWindow
CreateIcon
CopyIcon
GetCursor
GetWindowTextA
GetWindowTextLengthA
GetDC
LoadMenuA
GetMenu
IsMenu
CloseWindow
CopyRect
DialogBoxParamW
CalcMenuBar
AppendMenuA
DrawIconEx
DialogBoxParamA
LoadCursorA
DrawTextA
AppendMenuW

advapi32

RegEnumKeyExA
RegOpenKeyW
RegOpenKeyExA
RegQueryValueW
RegQueryValueExW
RegDeleteKeyW
RegEnumValueW
RegDeleteValueW
RegEnumValueA
RegLoadKeyA
RegReplaceKeyA
RegOpenKeyA
RegCreateKeyExW
RegDeleteValueA
RegCreateKeyW
RegEnumKeyW
RegEnumKeyExW
RegGetKeySecurity
RegDeleteKeyA
RegFlushKey
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExW
RegDeleteKeyA
RegOpenKeyExA
RegLoadKeyW
RegEnumKeyW
RegQueryValueW
RegDeleteValueW
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyA
RegFlushKey
RegOpenKeyA
RegDeleteValueA
RegEnumKeyExA
RegLoadKeyA
RegGetKeySecurity
RegCreateKeyW
RegQueryValueExW
RegEnumKeyW
RegLoadKeyW
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyA
RegCreateKeyExW
RegDeleteValueW
RegCreateKeyW
RegDeleteValueA
RegLoadKeyA
RegQueryInfoKeyW
RegReplaceKeyA
RegQueryInfoKeyA
RegQueryInfoKeyW
RegOpenKeyA
RegReplaceKeyW
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegQueryInfoKeyA
RegFlushKey
RegQueryValueW
RegLoadKeyW
RegDeleteKeyA
RegEnumValueA
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyA
RegDeleteKeyW
RegQueryValueA
RegGetKeySecurity
RegDeleteValueA

Sections

CODE
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zJhTmw
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gSydxu
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 164KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WKRtLy
Size: 4KB - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8d430f2935e6ff2a68a3489d9b14311

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

CODE Size: 4KB - Virtual size: 2KB

.zJhTmw Size: 8KB - Virtual size: 5KB

.vdata Size: 8KB - Virtual size: 6KB

.gSydxu Size: 4KB - Virtual size: 1KB

.ldata Size: 164KB - Virtual size: 3.4MB

.WKRtLy Size: 4KB - Virtual size: 23B

.rdata Size: 4KB - Virtual size: 24B

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

CODE
Size: 4KB - Virtual size: 2KB

.zJhTmw
Size: 8KB - Virtual size: 5KB

.vdata
Size: 8KB - Virtual size: 6KB

.gSydxu
Size: 4KB - Virtual size: 1KB

.ldata
Size: 164KB - Virtual size: 3.4MB

.WKRtLy
Size: 4KB - Virtual size: 23B

.rdata
Size: 4KB - Virtual size: 24B

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB