5c2fc2640dcb20d73c9dd43c8acd13a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c2fc2640dcb20d73c9dd43c8acd13a2
Size

716KB
MD5

5c2fc2640dcb20d73c9dd43c8acd13a2
SHA1

9c278d48e9dc36c06fd9b8127e763c84d62432aa
SHA256

1ebd578d07185c1944065965c7da19826e6ba0e883f51244350e555920d28c84
SHA512

9e0f98571853a9859ed43ea4cae3a4a62d851b349a619103aafad80b80681eac2c8dbe1ad8d31fbd12a852e93335b4faab8fea7e6ebd06cdc94cc4dd9087405e
SSDEEP

12288:c2UqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQm:c6kyTyxnSN4XG00tsL+LQ8cswQwsYC3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c2fc2640dcb20d73c9dd43c8acd13a2

Files

5c2fc2640dcb20d73c9dd43c8acd13a2
.exe windows:4 windows x86 arch:x86

5b021d4102525dfe0258d27400679112

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetModuleHandleA
GetVersion
GetACP
HeapReAlloc
InterlockedExchange
WaitForSingleObject
GetAtomNameA
FindAtomA
SetEvent
GlobalUnlock
CloseHandle
HeapWalk
ResetEvent
VirtualProtect
LoadLibraryW
GetTickCount
lstrlenA
GetConsoleCP
GetProfileIntA
CompareFileTime

user32

ShowWindow
SetWindowPos
ModifyMenuA
PostMessageA
SetPropA
UpdateWindow
EnableScrollBar
LoadIconA
GetScrollRange
SetSysColors
ScrollDC
PostQuitMessage
DialogBoxParamA
InflateRect
GetWindowTextA
GetDlgItem
DispatchMessageA
GetMenuStringA
GetSubMenu
GetWindowLongA
CopyRect
MessageBoxA
EqualRect
InsertMenuA
GetMenu
GetKeyboardLayout
DestroyMenu
GetParent
TranslateMessage

msi

MsiGetMode
MsiEnumClientsA
MsiDoActionA
MsiEnumProductsA
MsiCloseHandle

apphelp

ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ