c2a8a14fbc93ff1849f7970c98ebac4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2a8a14fbc93ff1849f7970c98ebac4f
Size

636KB
MD5

c2a8a14fbc93ff1849f7970c98ebac4f
SHA1

ccf4aed8d6f090a74e51b2b3ce936317035e136e
SHA256

b13114070971166538c8fc35edb69ca1c995c82ab88b975a762abcb16c3dfca9
SHA512

c5e926ba210b2c0b2554b3f7c23fc6f1724594ec710f1c438e64534e1e1326b9d1237672c2a898214a2df104af4fc799c95d72e00f93b45bf895a4f7bed47d92
SSDEEP

12288:WkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:WRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a8a14fbc93ff1849f7970c98ebac4f

Files

c2a8a14fbc93ff1849f7970c98ebac4f
.exe windows:4 windows x86 arch:x86

06074c3cb4363a814d681aa1272be067

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
HeapReAlloc
GetAtomNameA
GetVersion
GetTickCount
WaitForSingleObject
CloseHandle
VirtualProtect
lstrlenA
GetSystemDefaultLangID
SetConsoleCP
GlobalUnlock
GetModuleHandleA
LoadLibraryExA
GetCommandLineA
InterlockedExchange
GetConsoleCP
HeapCreate
CompareFileTime
WaitForMultipleObjects
GetStdHandle

user32

DrawCaption
FillRect
GetKeyState
IsDialogMessage
CreateMenu
SetScrollInfo
CreateIcon
DragObject
SetWindowPos
GetCursorInfo
FindWindowA
DispatchMessageA
EnableScrollBar
DestroyMenu
DialogBoxParamA
CreateCursor
InsertMenuA
CopyImage
GetDlgItem
SetPropA
InvertRect
GetKeyboardLayout

advapi32

RegCloseKey
RegEnumValueA
RegEnumKeyA
RegQueryInfoKeyA
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 626KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ