c2a5a777e22dc5ecff6f515568cae979

General

Target

c2a5a777e22dc5ecff6f515568cae979
Size

20KB
MD5

c2a5a777e22dc5ecff6f515568cae979
SHA1

53cb8d8b66474e1a652f1096655a1849784dabf2
SHA256

06e1bde593dc180a654099a56d49b982be4992388eeceef0cc6c1e4bf2fdd0ac
SHA512

965fcc110655ebc9a00ee06dd1022f82ccdc0957e4626deae278cfa2a345baf20583d37cfc3f6b97ade574941180f03c2d6d74dda7fc069da2fb50843d6f0739
SSDEEP

384:/DICUUAnjd8VRXGqScgStjaaDMrwXAkfpohnMhLe/JU:/D19kjd8VRXbsaWMh4i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a5a777e22dc5ecff6f515568cae979

Files

c2a5a777e22dc5ecff6f515568cae979
.exe windows:4 windows x86 arch:x86

a1809a289ed88214d88cc1533f2a979c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
lstrcmpiA
GetSystemDefaultUILanguage
GetConsoleCursorMode
FindClose
ExitThread
lstrcmpW
FindNextFileW
DeleteCriticalSection
FreeLibrary
VirtualFree
GetLocaleInfoA
InitializeCriticalSection
LeaveCriticalSection
SetCurrentDirectoryA
VirtualQuery
EnterCriticalSection
FindClose
GetStdHandle
lstrcpynA
UnhandledExceptionFilter
ExitThread
GetCurrentDirectoryA
GetModuleFileNameA
GetThreadLocale
WriteFile
FindFirstFileA
WideCharToMultiByte
OpenFileMappingW
lstrlenA
GetProfileIntA
GetStartupInfoA

gdi32

UnrealizeObject

user32

ReplyMessage
WindowFromPoint
OpenIcon

oleaut32

SysFreeString
SysAllocStringLen
SysReAllocStringLen
SysFreeString

advapi32

RegQueryValueExA
RegDeleteKeyA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1809a289ed88214d88cc1533f2a979c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

oleaut32

advapi32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.rdata Size: 5KB - Virtual size: 43KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.rdata
Size: 5KB - Virtual size: 43KB