2c2f9626e6d9ae56ad53a4dacec8c000 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c2f9626e6d9ae56ad53a4dacec8c000
Size

56KB
MD5

2c2f9626e6d9ae56ad53a4dacec8c000
SHA1

23580d79d4c8c7e67f94ee100f1e9098eae34175
SHA256

9674639bbc749bf16c723d2e3440688167136e752c0427314ac4c429ddfd9b9d
SHA512

974b49ff03d07adfe1336115f691abb1736cf61df951700f6183aa9bf7a4b8280fdc0398e446a8e4b0959c2cced84cc52bca9eeafbbd9eb55f19ed046ecff83f
SSDEEP

1536:p0QFh9juQDljmpB2vOr7VMFkegSz0a5TilOhQ:nFhcQJSwFFkegSI7lOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2f9626e6d9ae56ad53a4dacec8c000

Files

2c2f9626e6d9ae56ad53a4dacec8c000
.exe windows:4 windows x86 arch:x86

f3e16ebe7db41c517ffa0fab26361182

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
WideCharToMultiByte
Sleep
InterlockedDecrement
GetTickCount
GetCurrentThreadId
FreeLibrary
DuplicateHandle
FileTimeToSystemTime
CloseHandle
FindNextChangeNotification
GetPrivateProfileStringW
GlobalAlloc
SetLastError
VirtualAlloc
SetThreadPriority
LoadLibraryA
DeleteFileW
ResumeThread
FindResourceW
FindClose
ResetEvent
GlobalAddAtomW
GetCurrentProcessId
CreateThread
lstrcpyW
CancelWaitableTimer
ReadFile

user32

GetSysColor
PostMessageW
GetParent
GetClassNameW
MessageBoxW
GetMessageW
LoadCursorW
SetCapture
SetWindowPos
ReleaseCapture
RegisterClassExW
PostQuitMessage
SystemParametersInfoW
RegisterWindowMessageW

gdi32

CreateFontIndirectW
GetClipBox
GetStockObject
CreateCompatibleDC
SelectObject
CreateICW
CreatePen
CreateSolidBrush

advapi32

SetSecurityDescriptorDacl
RegCreateKeyExW
StartServiceW
LookupAccountSidW
InitializeSecurityDescriptor
RegOpenKeyExW

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE