c2c85cc8ff40c93c2cb11344aed3dbde | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2c85cc8ff40c93c2cb11344aed3dbde
Size

10KB
MD5

c2c85cc8ff40c93c2cb11344aed3dbde
SHA1

70a4d8a75e6091b6c1fc22e9c72fb3a1aa255eeb
SHA256

7de02dbeec4f16f0500d2cf856ad579371af83833de18008703ee1ddea48bc4c
SHA512

56f38526cd9059baa62043e4f729e48cab074ba6d4e57c80bd524020441b07343c4ab59761e44a504de22aba6c033dc95f0c9bf1d290bbf523abf41c5da5818f
SSDEEP

192:atgUf/lfAYylBUNd6+6lWbeQQlO97AZ1awArTWMo/bwW/:xU18HUNcQGxDArTWMo/bwW/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2c85cc8ff40c93c2cb11344aed3dbde

Files

c2c85cc8ff40c93c2cb11344aed3dbde
.dll windows:4 windows x86 arch:x86

1e982a2924ab6faec56da748493ed041

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
Sleep
CreateThread
lstrcmpiA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
VirtualAlloc

msvcrt

strrchr
strcat
memcpy
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

DriverProc
widMessage
wodMessage

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ