2c78aecb46915fa597bd99f50a1c90f9

Sharing

Copy URL

Twitter E-mail

General

Target

2c78aecb46915fa597bd99f50a1c90f9
Size

473KB
MD5

2c78aecb46915fa597bd99f50a1c90f9
SHA1

150e51a21d8001e60371e00620088ad45ff3c1c7
SHA256

b39e41addade3dd5dcbeca60b1f8fd6d18e7a07990ff55f4aa8e33ad46b06141
SHA512

6ead1dc5c5362666d3982c072a36f87fc10ad37aed66157a24d2bc483d0cdc00f22eeff710604a901eeaed1d42a887042a9a08dc090af132b12272acd4226d54
SSDEEP

12288:QuQk0kowtce++c7MTYbFjnvz7SMfm7nE:117DnTYBjnvzY7E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c78aecb46915fa597bd99f50a1c90f9

Files

2c78aecb46915fa597bd99f50a1c90f9
.exe windows:4 windows x86 arch:x86

115ac6f162bfb885005309520c3a8c32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetSystemTimeAsFileTime
GetStdHandle
VirtualAlloc
SetFileAttributesA
Sleep
LCMapStringA
SetUnhandledExceptionFilter
GetVersionExA
VirtualFree
GetCommandLineW
SetHandleCount
TlsSetValue
GetEnvironmentStringsW
LCMapStringW
IsDebuggerPresent
GetLocaleInfoW
WriteConsoleInputA
GetTempPathA
GetModuleFileNameA
WriteFile
GetSystemTime
GetCurrentProcess
GetCurrentThread
lstrcat
QueryPerformanceCounter
GetLastError
IsValidLocale
EnumSystemLocalesA
GetProcAddress
GetOEMCP
GetStartupInfoA
GetProcAddress
TerminateProcess
TlsGetValue
GetCurrentThreadId
GetStringTypeExA
GetLocaleInfoA
FreeLibrary
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
ExitProcess
SetConsoleCtrlHandler
GetModuleHandleA
InterlockedIncrement
GetTickCount
HeapFree
DeleteCriticalSection
GetModuleFileNameW
CompareStringA
EnumTimeFormatsA
IsValidCodePage
HeapDestroy
SetLastError
InterlockedExchange
TlsFree
GetFileType
TlsAlloc
GetStartupInfoW
GetStringTypeA
InterlockedDecrement
UnlockFile
GetCurrentProcessId
GetDateFormatA
LoadLibraryA
ReadConsoleW
GetExitCodeThread
SetEnvironmentVariableA
EnumCalendarInfoW
GetCPInfo
GetTimeFormatA
HeapSize
UnhandledExceptionFilter
CompareStringW
HeapCreate
EnterCriticalSection
GetPriorityClass
HeapReAlloc
VirtualQuery
GetUserDefaultLCID
RtlUnwind
LockFile
EnumResourceLanguagesW
GetStringTypeW
GetACP
LeaveCriticalSection
WideCharToMultiByte
FreeEnvironmentStringsW
SetLocaleInfoW
GetTimeZoneInformation
HeapAlloc

gdi32

PlayEnhMetaFile
ResetDCW
SetBkMode
CopyMetaFileA

user32

DlgDirListA
LookupIconIdFromDirectoryEx
SetRectEmpty
UnhookWindowsHookEx
GetMenuItemCount
CharPrevW
SetWindowTextA
GetMenuItemRect
FrameRect
DefDlgProcW
DefFrameProcA
CopyAcceleratorTableA
GetTabbedTextExtentA
ModifyMenuA
RemovePropA
ClientToScreen
UnregisterClassA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

115ac6f162bfb885005309520c3a8c32

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 8KB - Virtual size: 18KB

.data Size: 323KB - Virtual size: 322KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 8KB - Virtual size: 18KB

.data
Size: 323KB - Virtual size: 322KB

.rsrc
Size: 12KB - Virtual size: 12KB