Static task: static1
Behavioral task: behavioral1
Sample: c2be6998b241e400ad997226ad7ed51c.exe
Resource: win7-20240221-en
General
Target: c2be6998b241e400ad997226ad7ed51c
Size: 272KB
MD5: c2be6998b241e400ad997226ad7ed51c
SHA1: efda68e5d068451b1e71799273cca342024114a4
SHA256: d9b686ecf8d3b8b24fa2a762dd05dcacc6359b7ec5b9d4c109b0f611b8a8b6e7
SHA512: 8cfb34b5339744f801c92058ee3b2d54c00c85237cc51b3a97bd0fb26385d586f815b66a6796b355b20e60746d9076acb18966f29c9c63780a4696a0fbc40c7f
SSDEEP: 6144:gZ6hV6V9ftHRi9aQOIqQ82GPmrvuz00Uwqkfew6EL9L:gZ6uV9fnopOIqQuPQDBDZEL9L
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c2be6998b241e400ad997226ad7ed51c
Files
c2be6998b241e400ad997226ad7ed51c.exe windows:4 windows x86 arch:x86
a391eb27aa6044b55b81497c160bc972
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
HeapSize
GetTimeFormatA
RtlUnwind
TlsGetValue
MultiByteToWideChar
GetDateFormatA
GetLocaleInfoA
GetCPInfo
GetConsoleOutputCP
EnumResourceTypesA
HeapReAlloc
GetOEMCP
TlsAlloc
GetACP
IsProcessorFeaturePresent
TlsSetValue
VirtualAlloc
SetStdHandle
WriteConsoleA
IsValidCodePage
SetFilePointer
RaiseException
rpcrt4
RpcStringFreeA
shell32
SHDefExtractIconA
SHGetFileInfoA
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
DragAcceptFiles
Shell_NotifyIconA
Sections
.text Size: 134KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 135KB - Virtual size: 271KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ