c2643ac22a2c0950128c9e6455bff819 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2643ac22a2c0950128c9e6455bff819
Size

572KB
MD5

c2643ac22a2c0950128c9e6455bff819
SHA1

606545906ffa3342dd52292b131d81257bfea6b6
SHA256

dd1da9556dcbb3bed55f616bb3e346821c15f0909a04de92ad8e387a8df3ad27
SHA512

bb3b0a6669747669ba80ec12d17580b0fff4bf3c32679414f01b52ddfbd7c40c3b3e85b17dddf2c8d9b55f3c11bc21cd9f2f0e9818cadf23db074be2614340ad
SSDEEP

12288:P4JF7Tzj8iD28wXvIZsXLsPCxFmkFBuA91MtSGapIGKGLtElz:P4/XjtD2dXvISXAP+mqGsTKi6lz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2643ac22a2c0950128c9e6455bff819

Files

c2643ac22a2c0950128c9e6455bff819
.exe windows:4 windows x86 arch:x86

0dd3e711efb8565eaa62686cbe38e5df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
EndDialog
KillTimer
SetWindowPos
DispatchMessageA
GetSysColor
SetWindowTextA
TranslateMessage
CreateWindowExA
GetSubMenu
SetTimer

kernel32

InterlockedExchange
GetCommandLineA
lstrlenA
ExitProcess
GetProcessHeap
HeapAlloc
GetLastError
HeapFree
EnterCriticalSection
SetHandleCount
GetModuleFileNameW
SetEvent
LeaveCriticalSection
GetOEMCP
GetFileSize
VirtualAlloc
CreateFileA
SetEndOfFile
FormatMessageA
FindClose
VirtualFree
CreateFileW
CreateProcessA
GetStringTypeW
GetACP
CloseHandle
SetUnhandledExceptionFilter
ReadFile
WideCharToMultiByte
CreateMutexA
FreeEnvironmentStringsW
GetCurrentProcessId
SizeofResource
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetModuleFileNameA
FlushFileBuffers
TlsAlloc
HeapDestroy
QueryPerformanceCounter

Sections

.text
Size: 500KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ