c2980319f5d3c3f6e596bfa3eb209780

Sharing

Copy URL Twitter E-mail

General

Target

c2980319f5d3c3f6e596bfa3eb209780
Size

124KB
MD5

c2980319f5d3c3f6e596bfa3eb209780
SHA1

42a3413440aaa3365dbbc438fb76e4ed1c89aad5
SHA256

e1be2dc0fec16929a1ea06aa8fb3f5e83e241d8751a2eb7e8b4ea7406d9f85d9
SHA512

8b14d3546a42be531b0e36ad76435cb7596cdedf92c398d0efb6af330e2f6216c2bb2c4a2d9ffdd5c840ffb7dedc4207d3728313896f2487c8ffe74e87a5e4ad
SSDEEP

1536:o/bHoiYnkAZiDRl9NtjdAuQuHxTleYE1z8jqQt5bS:o/bkk7dAuQuHx94iqQt5bS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2980319f5d3c3f6e596bfa3eb209780

Files

c2980319f5d3c3f6e596bfa3eb209780
.dll windows:4 windows x86 arch:x86

0537dde074002fa2846b8be54d0e4e55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

euser

ord1366
ord503
ord1330
ord365
ord198
ord351
ord840
ord1317
ord1062
ord79
ord1444
ord1335
ord962
ord952
ord1113
ord368
ord1368
ord38
ord187
ord1703
ord1168
ord1722
ord1723
ord976
ord1927
ord522
ord1457
ord928
ord4
ord3
ord5

glxcommon

ord27
ord9
ord44

glxcommoncommandhandlers

ord17
ord19

kernel32

ExitProcess
IsBadReadPtr
RtlUnwind
RaiseException
TlsAlloc
InitializeCriticalSection
TlsFree
TlsGetValue
GetLastError
GetProcessHeap
HeapAlloc
TlsSetValue
LeaveCriticalSection
EnterCriticalSection
HeapFree
DeleteCriticalSection
GlobalAlloc
GlobalFree
SetFilePointer
WriteFile
CloseHandle
ReadFile
DeleteFileA

mpxcollectionutility

ord15

mpxcommon

ord6
ord138
ord276
ord232
ord149
ord44
ord118
ord210
ord199
ord113
ord112

user32

MessageBoxA

Exports

Exports

_E32Dll

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SYMBIAN
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0537dde074002fa2846b8be54d0e4e55

Headers

File Characteristics

Imports

euser

glxcommon

glxcommoncommandhandlers

kernel32

mpxcollectionutility

mpxcommon

user32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 68KB - Virtual size: 67KB

.exc Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.CRT Size: 4KB - Virtual size: 84B

.SYMBIAN Size: 4KB - Virtual size: 48B

.idata Size: 4KB - Virtual size: 1KB

.bss Size: - Virtual size: 8KB

.edata Size: 4KB - Virtual size: 131B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 68KB - Virtual size: 67KB

.exc
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.CRT
Size: 4KB - Virtual size: 84B

.SYMBIAN
Size: 4KB - Virtual size: 48B

.idata
Size: 4KB - Virtual size: 1KB

.bss
Size: - Virtual size: 8KB

.edata
Size: 4KB - Virtual size: 131B

.reloc
Size: 4KB - Virtual size: 1KB