2c626e7a6f9b6d31a252c070198b9129

General

Target

2c626e7a6f9b6d31a252c070198b9129
Size

417KB
MD5

2c626e7a6f9b6d31a252c070198b9129
SHA1

84231176f9cc2bca56f37325dd6ee7d95e27b099
SHA256

4c27eae4ca6589deabd20fddb97aec3400588e919d4bed57f01a24d0610dd0c4
SHA512

fe8834bda7069baad4d475ac280c15105241a0d322ef568041ec2b92ac1fdf2fec32f4d4dc79f89f49bd995426373d5ec071d551f2af36eb84420a2f1155ee47
SSDEEP

12288:3WtAAdbEIMfuUOoin0sPSaALdPz6/SAl/Y:Z1CUdmX4pu/NlA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c626e7a6f9b6d31a252c070198b9129

Files

2c626e7a6f9b6d31a252c070198b9129
.exe windows:4 windows x86 arch:x86

2311e8f2878c8d744240a86ed9a9f4bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
HeapAlloc
GetCurrentProcess
WriteFile
MultiByteToWideChar
VirtualFree
GetACP
GetLastError
LoadLibraryA
WriteFileEx
VirtualQuery
VirtualAlloc
GetProcAddress
HeapDestroy
TlsSetValue
SetHandleCount
GetModuleHandleA
GetCurrentThread
SetEndOfFile
CreateDirectoryA
ExitProcess
HeapReAlloc
GetEnvironmentStringsW
AddAtomA
GetModuleFileNameA
HeapCreate
GetOEMCP
GetAtomNameA
UnhandledExceptionFilter
SetLastError
GetTickCount
GetStringTypeA
TlsGetValue
TlsFree
WaitForMultipleObjects
GetEnvironmentStrings
InterlockedExchange
GetVersion
QueryPerformanceCounter
LeaveCriticalSection
FreeEnvironmentStringsA
GetCurrentThreadId
LCMapStringA
GetCurrentProcessId
WideCharToMultiByte
GetStdHandle
IsBadWritePtr
RtlUnwind
InitializeCriticalSection
LCMapStringW
TlsAlloc
DeleteCriticalSection
GetCommandLineA
GetStringTypeW
GetFileType
HeapFree
GetStartupInfoA
GetCPInfo
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetSystemDefaultLCID
TerminateProcess

wininet

InternetOpenW

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2311e8f2878c8d744240a86ed9a9f4bd

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 3KB - Virtual size: 14KB

.data Size: 281KB - Virtual size: 281KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 3KB - Virtual size: 14KB

.data
Size: 281KB - Virtual size: 281KB

.rsrc
Size: 11KB - Virtual size: 10KB