c2ed7fda5fdadc3e1f264f8b70d7ecc75a12d1cb8d45ef0059c7986e6a15bdaa

Sharing

Copy URL

Twitter E-mail

General

Target

c2ed7fda5fdadc3e1f264f8b70d7ecc75a12d1cb8d45ef0059c7986e6a15bdaa
Size

2.1MB
MD5

a4dfba8aaec1bcde5eef228597b0c870
SHA1

314bf79d94a8e5ead0e00d6f2a2c141125ff1f06
SHA256

c2ed7fda5fdadc3e1f264f8b70d7ecc75a12d1cb8d45ef0059c7986e6a15bdaa
SHA512

2076f4f55e1abaa7e27adef724424e8b98eb1388684649195bce6e07a480590006fade721f0b2f5cac761825f075c5bfb7734e41c1070688b02113d7d216a788
SSDEEP

24576:T+9FMZ6uvfNPED3TukQFScnHSyU2RSDru8iSIJrpE4V9X+vgjJtCA3zUjIu:TdpNa5SyyVYxiRrpE4VcvwJ7+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2ed7fda5fdadc3e1f264f8b70d7ecc75a12d1cb8d45ef0059c7986e6a15bdaa

Files

c2ed7fda5fdadc3e1f264f8b70d7ecc75a12d1cb8d45ef0059c7986e6a15bdaa
.exe windows:4 windows x86 arch:x86

bf9007abd0d4635fe982aa9d3b875d71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
InvalidateRect
ShowWindow
ClientToScreen
IsWindow
GetDlgItem
SetWindowTextW
SetTimer
GetDC
GetWindowRect
EndPaint
MessageBoxA
DestroyWindow
GetCursorPos
PostQuitMessage
EnableMenuItem
ReleaseDC
EndDialog
GetSystemMetrics
SetCursor
LoadStringW
SetWindowLongW
MessageBoxW
SetWindowPos
GetWindow
TranslateMessage
GetClientRect
EnableWindow

ole32

CoTaskMemRealloc
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoTaskMemFree
OleInitialize

oleaut32

VariantCopyInd
RegisterTypeLi
SysStringLen
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
VariantChangeTypeEx
LoadTypeLi
GetActiveObject

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
__p__commode
_XcptFilter
_exit

kernel32

IsDebuggerPresent
GetCurrentProcess
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetStartupInfoA
WriteFile
GetSystemTimeAsFileTime
LoadLibraryA
SetLastError
TerminateProcess
UnhandledExceptionFilter
InterlockedDecrement
LeaveCriticalSection
VirtualFree
GetModuleFileNameA
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
EnterCriticalSection
GetLastError
GetCurrentThreadId
InterlockedExchange
WideCharToMultiByte
FreeLibrary
VirtualAlloc
GetCurrentProcessId

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf9007abd0d4635fe982aa9d3b875d71

Headers

File Characteristics

Imports

user32

ole32

oleaut32

msvcrt

kernel32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 8KB - Virtual size: 7KB