c101699de325e930f656768bf4e6bc50

General

Target

c101699de325e930f656768bf4e6bc50
Size

241KB
MD5

c101699de325e930f656768bf4e6bc50
SHA1

b8d6d2d81315f126998987cec2c5510545750c9f
SHA256

9ba493d56162df8aac9aa9aefd0ae80c01ad2892a8ef422af8fc5125281f4609
SHA512

70f78345d11a7a04970cb589f32d8e1f1eddcbbbe84913de2ea0ad2b16cf8f48cdba1a86cc36016dcba130665ad481273845f9ff1212632e7f73c46f941c3601
SSDEEP

3072:ulGb5OOJYGX5WdfiW0zTjza6gcEBRtu7lJEw7iVHwUnGWl6di2fGcffHJ6aJRLgy:ulQYM2uSxdGJB7iVH5nd3cpjnLsJ6pD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c101699de325e930f656768bf4e6bc50

Files

c101699de325e930f656768bf4e6bc50
.exe windows:4 windows x86 arch:x86

44ec7e47402caa9c3483f6fc36c6b077

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
StrChrW

kernel32

GetModuleHandleA
GetStartupInfoA
FormatMessageW
LocalAlloc
Sleep
GetCommandLineW
SetErrorMode
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryW
lstrlenW
lstrcmpW
lstrcpynW
CreateFileW
ReadFile
WriteFile
CloseHandle
GetFileSize
SetFileAttributesW
MoveFileExW
DeleteFileW
lstrlenA
GetLocalTime
lstrcpyW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
LocalFree

user32

wsprintfW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

CommandLineToArgvW

ole32

CoInitialize

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

__dllonexit
_exit
??1type_info@@UAE@XZ
free
_except_handler3
_initterm
__getmainargs
_acmdln
exit
_CxxThrowException
strlen
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_XcptFilter
_onexit
memset
_controlfp
memcpy
__CxxFrameHandler
??2@YAPAXI@Z

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44ec7e47402caa9c3483f6fc36c6b077

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

msvcp60

msvcrt

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 203KB - Virtual size: 202KB

.data Size: 1024B - Virtual size: 852B

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 203KB - Virtual size: 202KB

.data
Size: 1024B - Virtual size: 852B

.rsrc
Size: 1024B - Virtual size: 928B