2c82b63d7263a37edb7c91a6b292d57a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c82b63d7263a37edb7c91a6b292d57a
Size

26KB
MD5

2c82b63d7263a37edb7c91a6b292d57a
SHA1

cd3d5fb7348b6c30c82bf2a037065ee3598d4fe2
SHA256

5e9f6b44a2bd30ca2024ddef3b01ab7962f0603203e95d22d936f3149a2aa699
SHA512

cb5a783fb0c8de2922ce06cc9fdbe153ea14a39acc6cd727cd9b267f80902594ad08c966315a4551f24d041d530ab183575dde16a83a6490adb6aa445d55f2e4
SSDEEP

768:tTvbx4UaWtyQGhcoxV92VnUMYFFZlprZpKlwE:tTzGU6DOoP9Osw9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c82b63d7263a37edb7c91a6b292d57a

Files

2c82b63d7263a37edb7c91a6b292d57a
.exe windows:4 windows x86 arch:x86

d4d508178b033c42e4d240a490040341

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
Sleep
WriteFile
DeleteFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
GetSystemDirectoryA
WaitForSingleObject
ExitProcess
CreateThread
TerminateProcess
OpenProcess
CreateEventA
OpenEventA
Process32Next
Process32First
CreateToolhelp32Snapshot
Thread32Next
Thread32First
GetVersionExA
GetFileSize
GetWindowsDirectoryA
CreateFileA
GetFileTime
SetFileTime
GetCurrentProcess
SetThreadPriority
CloseHandle

user32

SendMessageA
FindWindowA
GetWindow
EnumThreadWindows
GetWindowTextA
GetClassNameA
PostMessageA
wsprintfA

advapi32

RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Fi7ke
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE