2c8a38c8c9142a82a50673f0b10aaf20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c8a38c8c9142a82a50673f0b10aaf20
Size

52KB
MD5

2c8a38c8c9142a82a50673f0b10aaf20
SHA1

cbe805e39c737a6d8bfbed85b1a2157fbed5f12d
SHA256

75f8d065db2d3b2b254e03da047f57967d84a8c4cd900848ea91b6609e9a1fb3
SHA512

bbe27d1f289c17cbc45302518b1a638f499930c51de24425ca861f7ed9936822ed4922f08b5911a4300e7656d2f4d22c6b31d75a0e149c391f48942012675072
SSDEEP

768:jod5rUwFvus7woX9m0ll7w5KreVyqtXo9O4vZ:Md5LF8E93l1w5oQoxvZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8a38c8c9142a82a50673f0b10aaf20

Files

2c8a38c8c9142a82a50673f0b10aaf20
.dll windows:4 windows x86 arch:x86

560f3ce66f0f3a71265becff77424b1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetProcAddress
GetModuleHandleA
GetTickCount
lstrlenA
lstrcpyA
GetCommandLineA
VirtualProtect
LoadLibraryA
lstrcmpiA
VirtualFree
VirtualAlloc
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

Ordinal1
Ordinal2
chk

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ