2c15eedf89bc106dbc785dfded2fe0ac

General

Target

2c15eedf89bc106dbc785dfded2fe0ac
Size

180KB
MD5

2c15eedf89bc106dbc785dfded2fe0ac
SHA1

0dd93cc3c0c8393de554fbe77aefa7be211c7d3b
SHA256

f9d6a69e02d2af6d610769d20a792e5347c278009eb9a7003d0ca2a215c5d8ac
SHA512

79b6c5cdb34d6493b9cd68545bde9a08825a0cc35febb9ec7d3a4096511dea916cac82ee3a6b8771e3e5372d91b0c56bac280ab47c52a769012330d62ca7872e
SSDEEP

3072:FrKrk2cSuYpVFuPe7JAdw/tLvOelkY/jTuC7+Dt+TbjlMV9n0vc/EPoLtOhxlqo:FaPcS5VEPe762tL3/Bufn0vcMgLtOhx5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c15eedf89bc106dbc785dfded2fe0ac

Files

2c15eedf89bc106dbc785dfded2fe0ac
.exe windows:4 windows x86 arch:x86

ca9d421217c79a18b0d24e8395c16268

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringW
lstrcmpW
GetSystemWindowsDirectoryW
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
WriteFile
GetModuleFileNameA
SetFilePointer
FlushFileBuffers
CloseHandle
WideCharToMultiByte
SetUnhandledExceptionFilter
GetCPInfo
GetProcAddress
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
ReadFile
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
FreeLibrary
LocalAlloc

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 670KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca9d421217c79a18b0d24e8395c16268

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 72KB - Virtual size: 670KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 72KB - Virtual size: 670KB

.reloc
Size: 8KB - Virtual size: 6KB