c2baf4f3618a40b5f3ccdbd3f9550091

General

Target

c2baf4f3618a40b5f3ccdbd3f9550091
Size

177KB
MD5

c2baf4f3618a40b5f3ccdbd3f9550091
SHA1

474e7dd971d4928eae17b971531c56c1e3de267f
SHA256

671812b35538de750376cf6406d6e99a18aaa40265e75773dc293e89875ddec4
SHA512

16a7d0ef99dff981ee712b7f230e51a81ba43cd5a6179392dfe6e92e6acc365d9faec1dfaaaa889e8ae302a683a2a39f555b416a2905f5868b6a793f7ea0c3b4
SSDEEP

3072:7U4TB/yaSVGiV6NxLX01knsH6ptWWBO9grjJ4Zl1UfA06I9mEj:7U4Tl2G6UxWksapnBO9Y406A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2baf4f3618a40b5f3ccdbd3f9550091

Files

c2baf4f3618a40b5f3ccdbd3f9550091
.exe windows:1 windows x86 arch:x86

5bc72c02bff0835c27c4a14fad896182

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_acmdln
__setusermatherr
_adjust_fdiv
_controlfp
_exit
_initterm
exit
__set_app_type
__p__fmode
_XcptFilter
__getmainargs
__p__commode
memcpy

kernel32

GetCommandLineW
InterlockedDecrement
GetNumberFormatA
GetModuleHandleA
GetFileType
FlushFileBuffers
IsValidCodePage
RaiseException
LCMapStringA
HeapCreate
FindClose
GetModuleFileNameA
GlobalUnlock
VirtualFree
WaitForMultipleObjects
GetConsoleMode
VirtualProtect
GlobalLock
GlobalMemoryStatus
LeaveCriticalSection
GetTickCount
SetProcessWorkingSetSize
lstrcatA
TlsFree
FreeLibrary
HeapAlloc
MultiByteToWideChar
LocalFree
MapViewOfFile
MulDiv
GetExitCodeThread
GetCurrentProcess
SetHandleCount
GetStartupInfoA

user32

AppendMenuA
ChangeDisplaySettingsA
CharPrevExA
CharNextExA
CharLowerBuffA
CreateWindowExA
GetActiveWindow
CharPrevA
GetDC
ArrangeIconicWindows
DialogBoxParamA
GetForegroundWindow
CallMsgFilterA
GetMenu
AdjustWindowRect
LoadMenuA
AnyPopup
AnimateWindow
ChangeClipboardChain
GetWindowDC
CharLowerA
FindWindowA
ActivateKeyboardLayout
CascadeWindows
BringWindowToTop
CharNextA
CallNextHookEx
BeginPaint
AdjustWindowRectEx

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bc72c02bff0835c27c4a14fad896182

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 8KB - Virtual size: 224KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 8KB - Virtual size: 224KB

.rsrc
Size: 13KB - Virtual size: 12KB