c2b692004be588eb87b74dd40f05af3b | Triage

Sharing

General

Target

c2b692004be588eb87b74dd40f05af3b
Size

47KB
MD5

c2b692004be588eb87b74dd40f05af3b
SHA1

9d6f43f9bbfcfef7bf2c4cf76f29ea629e9869c4
SHA256

008339dfd1153bb878f58753c22c0c2fa1190f1832197d69c547f83cdb214479
SHA512

dba7c25d1e401cc5f64311466fc40c41fbc5c35c75c7d3b138e7c02b872d12bc55e6d1fa0a0c9b5bf4bcc2578e7bda901b7c94a27ff3ba94ea917475ef7b8831
SSDEEP

768:BDVmqxpLzKnAczSpkXN3Okwob+05D2h077ZYwlXOlerMcOnDMEptZdsAUm4WW5x/:FpLzKASSaXhv5D2u77/+UrMcIvwAex/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2b692004be588eb87b74dd40f05af3b

Files

c2b692004be588eb87b74dd40f05af3b
.exe windows:4 windows x86 arch:x86

b09029edd5082e00b3cc57080d33915b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
FindResourceExA
SearchPathA
OpenMutexA
FindAtomA
ReleaseMutex
DeleteCriticalSection
SetEvent
GetVersionExW
GetTickCount
CreateMutexA
Sleep
SetLastError
GetModuleHandleA
FindClose
VirtualProtect
CreateThread
GetLastError
lstrlenA
TlsGetValue

user32

IsIconic
GetKeyState
CopyImage
DialogBoxParamA
EndDialog
FlashWindow
CloseWindow
DragDetect
DispatchMessageA
GetMessageA
CreateWindowExA
EqualRect
CreateMenu
EnableWindow

loghours

DialinHoursDialogEx
DialinHoursDialog
DirSyncScheduleDialogEx
LogonScheduleDialog
DirSyncScheduleDialog

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ