c2af66c21ad1f6a3c889bbff0ace63a9

Sharing

Copy URL Twitter E-mail

General

Target

c2af66c21ad1f6a3c889bbff0ace63a9
Size

542KB
MD5

c2af66c21ad1f6a3c889bbff0ace63a9
SHA1

1b5bb0e2a9f31c0d3c8c231d23abba941c0c2f34
SHA256

4210ef9256d9aae47625749ad353124432e2be637afd7be1ba6841f84718829c
SHA512

c3dbbb7f76fd388cca9ba7c87093e602f9394f81049afe04fd8563ac593497eccece88096704e1f1c11e704594ae87a922bb1afae71ce3ad0c4ae1261dcf0dcc
SSDEEP

12288:oCSJxejDKiEEXX9uL8K85XC5kcnyGf0bpNYb2:oNnejDKiESXBK85ynyBS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2af66c21ad1f6a3c889bbff0ace63a9

Files

c2af66c21ad1f6a3c889bbff0ace63a9
.exe windows:4 windows x86 arch:x86

d2e141ed79801259239fe9800ca0e765

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsIconic
RegisterClassExA
RegisterClassA

kernel32

ReadFile
GetSystemTimeAsFileTime
GetACP
HeapDestroy
HeapReAlloc
HeapSize
SetEnvironmentVariableA
GetFileType
IsValidCodePage
FlushFileBuffers
WideCharToMultiByte
GetEnvironmentStrings
GetLocaleInfoA
GetCommandLineA
GetEnvironmentStringsW
VirtualProtect
GetCurrentProcess
GetCurrentThreadId
TlsAlloc
TlsFree
FreeEnvironmentStringsA
GetDateFormatA
TlsSetValue
IsValidLocale
GetVolumeInformationA
GetOEMCP
GetPrivateProfileSectionNamesW
CreateMutexA
HeapFree
TerminateProcess
SetStdHandle
CloseHandle
UnhandledExceptionFilter
GetStartupInfoW
GetVersionExA
GetCommandLineW
LoadLibraryA
GetStartupInfoA
VirtualQuery
CompareStringW
InitializeCriticalSection
GetStdHandle
ExitProcess
IsBadWritePtr
DeleteCriticalSection
GetCPInfo
TlsGetValue
SetLastError
GetCurrentThread
GetModuleFileNameA
VirtualAlloc
GetUserDefaultLCID
GetCurrentProcessId
RtlUnwind
HeapAlloc
GetModuleHandleA
SetFilePointer
GetTimeZoneInformation
OpenMutexA
GetTickCount
GetLocaleInfoW
MultiByteToWideChar
FreeEnvironmentStringsW
WriteFile
EnumSystemLocalesA
LCMapStringA
GetStringTypeA
SetHandleCount
GetLastError
CompareStringA
VirtualFree
LocalHandle
GetProcAddress
InterlockedExchange
GetTimeFormatA
GetModuleFileNameW
GetStringTypeW
LCMapStringW
EnterCriticalSection
HeapCreate
LeaveCriticalSection
QueryPerformanceCounter
GetSystemInfo

comctl32

InitCommonControlsEx

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2e141ed79801259239fe9800ca0e765

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 7KB - Virtual size: 31KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 7KB - Virtual size: 31KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 16KB - Virtual size: 15KB