03e2cc2c6e5ff581007088f7303607cf48cd317dc0172491a751ff4c227f98d2

General

Target

03e2cc2c6e5ff581007088f7303607cf48cd317dc0172491a751ff4c227f98d2
Size

119KB
MD5

11d44fac09091cb7d1bed1c925967bc0
SHA1

cbe8e35f3eb1e5db83beba915ceb8139e24456b1
SHA256

03e2cc2c6e5ff581007088f7303607cf48cd317dc0172491a751ff4c227f98d2
SHA512

220f744493583a080ea7645b49dbf0f1817b2568032b3bdbe65c93a6fc9c640f967c9f0a26fe944ef279004b32ccbfee34d4bf92a726e406a022a72f12851a1f
SSDEEP

3072:7c+BCcaqukSU1LMDUEJZPR8kOAAzkr7YQYwiko7O:Yjq5SsKRzO0/Vi4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03e2cc2c6e5ff581007088f7303607cf48cd317dc0172491a751ff4c227f98d2

Files

03e2cc2c6e5ff581007088f7303607cf48cd317dc0172491a751ff4c227f98d2
.exe windows:4 windows x86 arch:x86

d76e8606972bcb3e4fd7ec1a5f1f8345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisconnectNamedPipe
GetUserDefaultLCID
SetEndOfFile
lstrcatA
GetSystemTimeAsFileTime
TerminateProcess
GetFullPathNameW
ConvertFiberToThread
GetDriveTypeW
GetFileInformationByHandle
WaitForMultipleObjects
CreateThread
SetUnhandledExceptionFilter
GetCurrentProcess
CloseHandle
FlushFileBuffers
CreateDirectoryW
FreeEnvironmentStringsA
FindFirstFileW
TlsAlloc
lstrlenA
GetLocalTime
DeleteFileW
GetVersionExA
GetModuleFileNameW
WideCharToMultiByte
LoadLibraryA
PeekNamedPipe
FindCloseChangeNotification
CreateEventA
SwitchToThread
LocalFree
ReadFile
IsDebuggerPresent
ReleaseSemaphore
SetFilePointer
RemoveDirectoryW
WaitForSingleObject
MultiByteToWideChar
CreateNamedPipeA
TlsFree
GetOverlappedResult
GetLastError
GetTickCount
EnumResourceNamesA
GetCurrentProcessId
FindClose
GetSystemDirectoryW
LoadLibraryW
TlsSetValue
ResetEvent
MoveFileW
QueryPerformanceCounter
CreateSemaphoreA
GetStartupInfoA
GetSystemDirectoryA
TlsGetValue
LocalAlloc
InterlockedCompareExchange
GetProcAddress
LeaveCriticalSection
ExitProcess
FindNextFileW
SetEvent
FindFirstChangeNotificationW
FreeLibrary
CreateFileW
Sleep
GetCurrentThread
WriteFile
EnterCriticalSection
DeleteCriticalSection
InterlockedExchange
UnhandledExceptionFilter
FindNextChangeNotification
InitializeCriticalSection
GetCurrentThreadId
ConnectNamedPipe

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76e8606972bcb3e4fd7ec1a5f1f8345

Headers

File Characteristics

Imports

kernel32

oleacc

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 1024B - Virtual size: 64KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 1024B - Virtual size: 64KB