2cc0ac3cd5d1ca117ef5f63a33d35eb8

Sharing

Copy URL Twitter E-mail

General

Target

2cc0ac3cd5d1ca117ef5f63a33d35eb8
Size

30KB
MD5

2cc0ac3cd5d1ca117ef5f63a33d35eb8
SHA1

4693097c946383f8de3485be6343631f8fd21d8f
SHA256

e98f9663f74a475a83516f7e3cf32ec359d5d7ed9323c52e981001116be5dc05
SHA512

e7fca4cf1a2d42f8747d19d1b09165905a5dcafa91b8662af286926e539a8386df93fe307787c5fa5e97bd8c0ce2d1f5d60cfba0981db5c071fcdc074e3f9547
SSDEEP

768:EkNefVDAQ6/4381UzwavKTCZztVRrMi5:E9fVDAQ6gYUG2H3gi5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cc0ac3cd5d1ca117ef5f63a33d35eb8

Files

2cc0ac3cd5d1ca117ef5f63a33d35eb8
.exe windows:4 windows x86 arch:x86

dab44e7c7cb511fc24bb40fcadce09e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetClipBox
SaveDC
PlayMetaFileRecord
DeleteDC
CreatePatternBrush
CreateBitmap
MoveToEx
GetStockObject
SetMapperFlags
SetViewportOrgEx
EnumMetaFile
DeleteObject
PolyBezierTo
GetClipRgn
ArcTo
SetBkMode

comdlg32

GetFileTitleA

kernel32

Sleep
lstrcpynA
GetProcessVersion
GetPrivateProfileIntA
GetEnvironmentVariableA
UnlockFile
lstrcmpiA
GetModuleFileNameA
LoadResource
SetLastError
VirtualAlloc
FileTimeToLocalFileTime
GetCPInfo
CreateThread
GetSystemTime
EnterCriticalSection
IsValidLocale
FlushFileBuffers
CompareStringA
LockResource
ReadFile
FreeEnvironmentStringsA
WaitForSingleObject
HeapSize
LeaveCriticalSection
WideCharToMultiByte
SetEnvironmentVariableA
HeapFree
ExitProcess
ResumeThread
GetTimeZoneInformation
TlsGetValue
RaiseException
GetStringTypeA
lstrcmpA
SetEvent
GetStdHandle
GlobalFindAtomA
WriteFile
LCMapStringW

shell32

DragAcceptFiles
SHGetFileInfoA

samlib

SamRemoveMultipleMembersFromAlias

crypt32

CryptEnumOIDInfo

advapi32

RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegRestoreKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
LookupPrivilegeValueA
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExA
RegDeleteKeyA

setupapi

SetupGetStringFieldA
SetupDiSetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupOpenInfFileA
SetupDiEnumDriverInfoA
SetupDiSetSelectedDriverA
SetupFindFirstLineA
SetupFindNextLine
SetupDiCreateDeviceInfoA
SetupDiOpenDevRegKey
SetupDiSetDeviceInstallParamsA
SetupDiClassGuidsFromNameA
SetupDiBuildDriverInfoList
SetupDiGetDeviceInstallParamsA
SetupCloseInfFile

user32

ClientToScreen
SendMessageA
GetScrollRange
CallNextHookEx
GetDlgItemTextA
CallMsgFilterA
AdjustWindowRectEx
GetMessageA
WinHelpA
DestroyWindow

Sections

.text
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dab44e7c7cb511fc24bb40fcadce09e4

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

comdlg32

kernel32

shell32

samlib

crypt32

advapi32

setupapi

user32

Sections

.text Size: 1024B - Virtual size: 976B

.data Size: 16KB - Virtual size: 80KB

.reloc Size: 512B - Virtual size: 28B

.rsrc Size: 7KB - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 224B

.text
Size: 1024B - Virtual size: 976B

.data
Size: 16KB - Virtual size: 80KB

.reloc
Size: 512B - Virtual size: 28B

.rsrc
Size: 7KB - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 224B