2ca0e223e093e2847afcb654f4634244

Sharing

Copy URL Twitter E-mail

General

Target

2ca0e223e093e2847afcb654f4634244
Size

122KB
MD5

2ca0e223e093e2847afcb654f4634244
SHA1

d07da3863d8aae47d6513f8b12108391db3b83dd
SHA256

b1dd0275b175b3744755c3be807347ddd714d813cf83782b6d50d425f753f790
SHA512

7f10b6fb3cd451fb057810bc0964656f43c317daa8fa54594094b60a788de8e851784eb99125611f32470d60b67c387362f56512efa42f70dc19b6fbc00ad50b
SSDEEP

1536:8yieFfmsBbufTx/tWCcFG5bRKMnlGvdRf2K70zmJPNqdLm3EKv7GAGoEv:Hi94yTx1XcFunGlRBYzLlmGZv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca0e223e093e2847afcb654f4634244

Files

2ca0e223e093e2847afcb654f4634244
.exe windows:4 windows x86 arch:x86

54e10a923e4a657614d526e9e1500fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WriteFile
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
RtlUnwind
VirtualAlloc
HeapReAlloc
IsBadWritePtr
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetShortPathNameA
GetFullPathNameA
LoadLibraryA
GetProcAddress
ReleaseMutex
FreeLibrary
FindFirstFileA
FindClose
GetModuleFileNameA
GetSystemDirectoryA
WinExec
CreateMutexA
GetLastError
UnhandledExceptionFilter
GetOEMCP

user32

DrawTextA
SetWindowPos
GetSystemMetrics
EndPaint
BeginPaint
TrackPopupMenu
TrackPopupMenuEx
GetCursorPos
SetTimer
KillTimer
UpdateWindow
GetWindowThreadProcessId
UnloadKeyboardLayout
LoadKeyboardLayoutA
GetAsyncKeyState
DestroyWindow
wsprintfA
PostQuitMessage
FindWindowA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
CreateIconIndirect
RegisterWindowMessageA
CreatePopupMenu
InsertMenuItemA
AppendMenuA
MessageBoxA
PostMessageA
SetForegroundWindow
DestroyMenu
DefWindowProcA
GetSysColorBrush
FillRect
GetSysColor
DrawIconEx
GetDC
ReleaseDC
LoadBitmapA
LoadIconA

gdi32

SelectObject
GetStockObject
GetTextExtentPoint32W
DeleteObject
BitBlt
CreateCompatibleDC
TextOutW
TextOutA
SetBkMode
SetTextColor
SetMapMode
CreateFontA
GetTextExtentPoint32A
DeleteDC

advapi32

RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

SHAppBarMessage
Shell_NotifyIconA

keyman32

Keyman_Exit
Keyman_Initialise
Keyman_GetLastActiveWindow
Keyman_BuildKeyboardList
GetSystemStore

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54e10a923e4a657614d526e9e1500fa1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

keyman32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 62KB - Virtual size: 64KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 62KB - Virtual size: 64KB