c2d957b538f1aa18de2e44cbb03afb59

Sharing

Copy URL

Twitter E-mail

General

Target

c2d957b538f1aa18de2e44cbb03afb59
Size

140KB
MD5

c2d957b538f1aa18de2e44cbb03afb59
SHA1

1e9b3d95db344427b96bb3a87c055aa24a994e48
SHA256

22fabb5ab511b01d1877c203d77729afc165d0ae3a4f1eb04e80b166b82d229a
SHA512

c9df171b28790f257ae32fc9f2a9934eae5a88c49e2ca2fd40405f10b6e7a7386fe7861138a37880a950f4b9714e7d4831677af40f3058d14491072856ff82fb
SSDEEP

3072:aQSjMr4Kt/5EwopB98jsFLnDV+lAqR7ZGSDADeak7dJHB/AdGi:m+4Kt+HmjsFLwltGSsQLH5AdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2d957b538f1aa18de2e44cbb03afb59

Files

c2d957b538f1aa18de2e44cbb03afb59
.exe windows:4 windows x86 arch:x86

30fb5021be3e03493253891b4a946a75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
CreateFileA
GetLastError
CreateProcessA
GetStdHandle
GetCurrentDirectoryA
SetCurrentDirectoryA
ReadFile
GetExitCodeProcess
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
FlushFileBuffers
WriteFile
GetFileSize
Sleep
CopyFileA
GetTempFileNameA
GetFileAttributesA
CompareStringW
CompareStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetEndOfFile
SetFilePointer
GetStringTypeW
GetStringTypeA
RtlUnwind
SetHandleCount
GetEnvironmentStringsW
GetSystemTime
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetLocalTime
SetEnvironmentVariableA
GetEnvironmentStrings
HeapDestroy
HeapCreate
SetStdHandle
CloseHandle
HeapFree
HeapAlloc
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentProcess
GetTimeZoneInformation
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetFileType
TerminateProcess

user32

SetWindowTextA
EndDialog
GetDlgItem
SendMessageA
PostMessageA
EnableWindow
PeekMessageA
MessageBoxA
DialogBoxParamA
CreateDialogParamA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
GetDesktopWindow
GetWindowRect
MoveWindow
SetForegroundWindow

comctl32

ord17

lz32

LZClose
LZOpenFileA
LZCopy

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30fb5021be3e03493253891b4a946a75

Headers

File Characteristics

Imports

kernel32

user32

comctl32

lz32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 84KB - Virtual size: 81KB