c2e0e556d3075f86cc98b8e7bfd3ede6

Sharing

Copy URL Twitter E-mail

General

Target

c2e0e556d3075f86cc98b8e7bfd3ede6
Size

379KB
MD5

c2e0e556d3075f86cc98b8e7bfd3ede6
SHA1

f5007ae84fa57dddb0d7c3583c553340a9c6ecaa
SHA256

b537a87ca249ce8a81ccc76cd7cb601a282c2d66167ac6ce097dc41354d3bf95
SHA512

2f4879f893d0a2fed48474e458a02a73d7b74da468e450de8d398953a8e8719a39f63d9f689a767216c05863213c9356a879c4b318aca213ef78b5219dc2570c
SSDEEP

6144:JfsZywWPewIVdgRpdcJzaX7RHsSV6ouvUevyd2XOLuiO:JUZywpwFpdcVaX7dsSV68em2XOL9O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2e0e556d3075f86cc98b8e7bfd3ede6

Files

c2e0e556d3075f86cc98b8e7bfd3ede6
.exe windows:4 windows x86 arch:x86

432e06277436ca4d4bbb1bb0962e128d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CreateMutexA
UnhandledExceptionFilter
GetLastError
GetProcAddress
VirtualQuery
DeleteCriticalSection
HeapCreate
GetOEMCP
GetStartupInfoA
CompareStringW
GetStringTypeW
SetLastError
LeaveCriticalSection
TlsAlloc
WriteFile
CloseHandle
GetEnvironmentStrings
GetCommandLineW
SetHandleCount
EnumSystemLocalesA
HeapSize
GetStdHandle
FreeEnvironmentStringsA
RtlUnwind
InterlockedExchange
EnterCriticalSection
GetCurrentThread
TerminateProcess
ReadFile
GetCurrentProcessId
IsValidLocale
TlsFree
GetCPInfo
GetACP
GetStartupInfoW
GetStringTypeA
GetCommandLineA
InitializeCriticalSection
GetModuleHandleA
TlsGetValue
GetTickCount
LoadLibraryA
GetCurrentThreadId
WideCharToMultiByte
GetModuleFileNameA
SetStdHandle
LCMapStringA
MultiByteToWideChar
FreeEnvironmentStringsW
ExitProcess
HeapAlloc
HeapDestroy
GetSystemInfo
GetVersionExA
LCMapStringW
IsBadWritePtr
IsValidCodePage
GetLocaleInfoW
FlushFileBuffers
VirtualFree
GetEnvironmentVariableW
GetDateFormatA
GetProfileStringW
HeapFree
SetFilePointer
GetLocaleInfoA
GetTimeFormatA
SetEnvironmentVariableA
OpenMutexA
QueryPerformanceCounter
GetModuleFileNameW
GetTimeZoneInformation
TlsSetValue
HeapReAlloc
GetEnvironmentStringsW
GetCurrentProcess
VirtualProtect
GetFileType
CompareStringA
GetUserDefaultLCID
GetSystemTimeAsFileTime

shell32

ExtractIconEx

comdlg32

ReplaceTextW
ChooseColorA
GetSaveFileNameA

comctl32

InitCommonControlsEx

user32

RegisterClassExA
GetMessageExtraInfo
WINNLSGetEnableStatus
ClientToScreen
RegisterClassA

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

432e06277436ca4d4bbb1bb0962e128d

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

comctl32

user32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 7KB - Virtual size: 33KB

.data Size: 207KB - Virtual size: 207KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 7KB - Virtual size: 33KB

.data
Size: 207KB - Virtual size: 207KB

.rsrc
Size: 5KB - Virtual size: 4KB