2c5ed753bc7abd804fdcd0fe566fc63e

Sharing

Copy URL

Twitter E-mail

General

Target

2c5ed753bc7abd804fdcd0fe566fc63e
Size

156KB
MD5

2c5ed753bc7abd804fdcd0fe566fc63e
SHA1

f528d776346aa13aff3c97af26d947b59fc298a1
SHA256

0febe34bb293f6de2edf440d29976f9c546aecb02eb0b3ee78c5c4473fabf097
SHA512

67a43d0616aae25b5b5e4b672f261828c6fb6bc6d62a09bbed29adf212f116d48c26d26f4a034e145da3960c5a922fd3c8664da5336f9c2b227a6755942c6b8c
SSDEEP

3072:s49BY5KsA1yUg1+If5clnat6ZRSXFy8bw6Jm+lweut6OAq:HYi15g5qXZRSVRjJtJu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c5ed753bc7abd804fdcd0fe566fc63e

Files

2c5ed753bc7abd804fdcd0fe566fc63e
.exe windows:4 windows x86 arch:x86

3600c3152f43a7643735443cf70a58a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
QueryPerformanceCounter
GetLocalTime
MoveFileExA
CreateFileW
GetModuleHandleA
GetDateFormatA
SizeofResource
lstrcmpA
GetCurrentProcess
WriteConsoleA
GetCurrentDirectoryA
GetLastError
GetVolumeInformationA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
GetStartupInfoA
GlobalUnlock
GetLocaleInfoW
MulDiv
GlobalAlloc
QueryPerformanceFrequency
GlobalFree
OpenProcess
GetVersionExW
IsBadReadPtr
SetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetTimeZoneInformation
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
ExitProcess
GetProcAddress
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA

user32

GetForegroundWindow
GetWindowThreadProcessId
GetSystemMetrics
InflateRect
SetParent
SetCursor
InsertMenuItemW
IntersectRect
GetWindowRect
DialogBoxIndirectParamA
DefWindowProcA
CreateDialogIndirectParamA
GetClientRect

gdi32

TextOutA
Escape
SetAbortProc
AbortDoc
SetRectRgn
CombineRgn
EndDoc
GetDeviceCaps
RectVisible

ole32

StgCreateDocfile
CoInitialize
OleCreate
CoUninitialize
CoSuspendClassObjects

version

GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3600c3152f43a7643735443cf70a58a9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

version

Sections

.text Size: 68KB - Virtual size: 66KB

.data Size: 76KB - Virtual size: 383KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 66KB

.data
Size: 76KB - Virtual size: 383KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB