Static task: static1
Behavioral task: behavioral1
  Sample: 2cd3416951ec90fe54e30221035680db.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2cd3416951ec90fe54e30221035680db.exe
  Resource: win10v2004-20231215-en
General
Target: 2cd3416951ec90fe54e30221035680db
Size: 96KB
MD5: 2cd3416951ec90fe54e30221035680db
SHA1: 1b52b411011413ae91d3118bac953d8306dfabbb
SHA256: 218680608ea131a29220981b58944fde9aea52a56136d78c63097dcbf849e986
SHA512: 55a35734fbb829b4bd7936495a2ac460ff4b6a97d98dbe6dd77f51d9b9a1ac8f1a38e5cbf6db14abb68e982a35b019caa6a1149eaa15365bbc842177a1ac8bee
SSDEEP: 768:BPMKwSIVZax5tLq89OXLkSvgQTLc7GqfeQD65B6X8rJ8Zp8Pw/cQ:5MKYax5tLqiSDu/f96asrE8PGR
Malware Config
Signatures
Unsigned PE (1 IoC): the rule checks for a missing Authenticode signature, and the file carries none.
  resource: 2cd3416951ec90fe54e30221035680db
Files
2cd3416951ec90fe54e30221035680db.exe  windows:4  windows x86  arch:x86
3f5ac2d5a9bd04a82a643a2b976f44aa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
CopyFileA
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
GetLastError
CreateMutexA
GetModuleFileNameA
CreateThread
GetCurrentDirectoryA
GetTickCount
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCurrentProcess
GetSystemDirectoryA
GetVersionExA
lstrlenA
Sleep
ExpandEnvironmentStringsA
CreateFileA
WriteFile
CreateDirectoryA
CloseHandle
GetCPInfo
SetFilePointer
GetStringTypeW
GetStringTypeA
ReadFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
SetEnvironmentVariableA
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
user32
SendMessageA
FindWindowA
ShowWindow
FindWindowExA
wsprintfA
advapi32
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
OpenProcessToken
shell32
ShellExecuteA
ws2_32
inet_addr
htons
connect
gethostbyname
send
recv
closesocket
__WSAFDIsSet
select
ioctlsocket
listen
bind
WSAStartup
socket
accept
wininet
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle
Sections
unpacked Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
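The header, import and section entries above are what a PE parser reads out of the file. The following Python is an added triage helper, not tria.ge's code and not code from the sample: it parses the file header, the security data directory (the basis of the "Unsigned PE" indicator) and the section table from raw bytes with only the standard library, and groups the imported APIs into capabilities. Most of the kernel32 imports listed (HeapCreate, GetStartupInfoA, GetCommandLineA, RtlUnwind, SetHandleCount, GetEnvironmentStrings and friends) are C runtime start-up code and carry no signal, so the classifier ignores them and keys on the advapi32, ws2_32, wininet and shell32 imports plus the self-copy and mutex APIs. The PE image it parses is constructed in memory from the flag values shown in the report (the section name `sect0` and its offsets are placeholders); the import set is copied from the report's import table. One caveat the flags support: a single section that is marked code, initialised data, uninitialised data and RWX at once is a layout that warrants a second look for runtime-modified code, and a non-zero security directory only means a signature is present, not that it verifies.

```python
"""Added PE triage helper (not from the report or the sample). Stdlib only."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x0200: "IMAGE_FILE_DEBUG_STRIPPED", 0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
RWX = 0x20000000 | 0x40000000 | 0x80000000

# Flag words that decode to exactly the lists shown in the report.
REPORT_FILE_FLAGS = 0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100  # 0x010F
REPORT_SECTION_FLAGS = 0x20 | 0x40 | 0x80 | RWX                  # 0xE00000E0

# Copied from the report's import table (CRT start-up imports omitted).
REPORT_IMPORTS = frozenset({
    "CopyFileA", "GetModuleFileNameA", "GetSystemDirectoryA", "CreateMutexA",
    "ExpandEnvironmentStringsA", "CreateFileA", "WriteFile", "ShellExecuteA",
    "OpenProcessToken", "LookupPrivilegeValueA", "AdjustTokenPrivileges",
    "RegOpenKeyExA", "RegCreateKeyExA", "RegSetValueExA", "RegQueryValueExA",
    "WSAStartup", "socket", "bind", "listen", "accept", "connect", "send", "recv",
    "gethostbyname", "InternetOpenA", "InternetOpenUrlA", "InternetReadFile",
})
# Each capability fires only when every API in its set is imported.
CAPABILITIES = {
    "registry persistence": {"RegCreateKeyExA", "RegSetValueExA"},
    "token privilege adjustment": {"OpenProcessToken", "LookupPrivilegeValueA", "AdjustTokenPrivileges"},
    "self-copy to system directory": {"GetModuleFileNameA", "CopyFileA", "GetSystemDirectoryA"},
    "single-instance mutex": {"CreateMutexA"},
    "listening socket": {"socket", "bind", "listen", "accept"},
    "outbound TCP": {"gethostbyname", "connect", "send", "recv"},
    "HTTP download (WinINet)": {"InternetOpenA", "InternetOpenUrlA", "InternetReadFile"},
    "launch via ShellExecute": {"ShellExecuteA"},
}


def decode_flags(value, table):
    """Expand a Characteristics bit-field into the names tria.ge prints."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse file header, security directory and section table of a PE32/PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]          # 0x10B = PE32, 0x20B = PE32+
    dd_off = opt_off + (96 if magic == 0x10B else 112)          # start of the data directories
    # Entry 4 is IMAGE_DIRECTORY_ENTRY_SECURITY; its "VirtualAddress" is a raw file offset.
    # Both fields zero means no embedded Authenticode signature ("Unsigned PE").
    sec_off, sec_size = struct.unpack_from("<II", data, dd_off + 4 * 8)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt_off + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": decode_flags(sflags, SECTION_CHARACTERISTICS),
                         "rwx": sflags & RWX == RWX})
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "characteristics": decode_flags(chars, FILE_CHARACTERISTICS),
            "has_authenticode": sec_off != 0 and sec_size != 0, "sections": sections}


def classify_imports(imports):
    """Return the capability labels whose API set is fully present in `imports`."""
    return {cap for cap, apis in CAPABILITIES.items() if apis <= set(imports)}


def build_pe32(characteristics, section_flags, security=(0, 0)):
    """Construct a minimal one-section PE32 image in memory (test fixture, not the sample)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 224, characteristics)  # i386, 1 section
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<II", opt, 96 + 4 * 8, *security)         # security directory entry
    sect = struct.pack("<8sIIIIIIHHI", b"sect0", 92 * 1024, 0x1000, 92 * 1024, 0x400,
                       0, 0, 0, 0, section_flags)               # placeholder name/offsets
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + sect


if __name__ == "__main__":
    info = parse_pe(build_pe32(REPORT_FILE_FLAGS, REPORT_SECTION_FLAGS))
    print("file flags:  ", ", ".join(info["characteristics"]))
    print("authenticode:", info["has_authenticode"])
    for s in info["sections"]:
        print("section %-6s rwx=%s %s" % (s["name"], s["rwx"], ", ".join(s["flags"])))
    for cap in sorted(classify_imports(REPORT_IMPORTS)):
        print("capability:  ", cap)
```

To run it against the real file, replace the `build_pe32(...)` call with `parse_pe(open(path, "rb").read())` and feed the import names from your own parser; the section-table walk assumes the headers are intact and does not resolve imports itself.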