c2cb4fbecb1415d37df3186fa4e2daf4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2cb4fbecb1415d37df3186fa4e2daf4
Size

510KB
MD5

c2cb4fbecb1415d37df3186fa4e2daf4
SHA1

ac4e0db3a982d8dd11abee5631b67365efc9bc04
SHA256

17ad9cd3d2f082014e0ca95083ba4ab4c7f1dce8ea11f9fd9c399ab213add015
SHA512

6839e7c649e654d84782b241d79156fc8cca9243503e4728e7dc63d28a5d902a06e8ba7fb4f58e7282300fbee98859aa69c8d692145ef1bafb3c36e273c6e701
SSDEEP

12288:6MohLrrqnVRAEbAqh9yyuvBY8crF8eDeLmRRB0EDq2:6ZXqVRAEEqhwyuvBA6mBnDJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2cb4fbecb1415d37df3186fa4e2daf4

Files

c2cb4fbecb1415d37df3186fa4e2daf4
.exe windows:4 windows x86 arch:x86

43f9c00fe4eb04e3934c295b86fa27ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
DeleteFileA
SuspendThread
lstrlenA
FileTimeToSystemTime
FindVolumeClose
CloseHandle
GetCommandLineA
GlobalFlags
EnumResourceTypesW
SetLastError
CreateSemaphoreA
WriteConsoleA
CloseHandle
HeapDestroy
GetEnvironmentVariableA
CreateEventW
GetStartupInfoA
HeapCreate
GetCommandLineA

advapi32

ControlService
RegCreateKeyExW
CloseEventLog
IsValidSid
IsValidAcl
RegEnumKeyA
RegDeleteValueA
InitializeSid
CreateServiceW
IsValidSid
IsValidSid
IsValidSid
IsValidSid

ddrawex

DllRegisterServer
DllRegisterServer
DllRegisterServer
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ