c2d99b0a24052de79f9f528c1031a7a2

Sharing

Copy URL Twitter E-mail

General

Target

c2d99b0a24052de79f9f528c1031a7a2
Size

42KB
MD5

c2d99b0a24052de79f9f528c1031a7a2
SHA1

fc72f551b1145a8eb6b87793dd00fc7255fde0b2
SHA256

dd8bda6068a7e78e810578558db7339a01a53e330bbdf32abac2583e07980b62
SHA512

eac5411188566e2a0c3cb7d0a93ff34db026a1cf4f428aa45411298912c28a906d3a76c50e540d9492e0cfa9b51a57dd278ec19237d1a46edc6fd25e08c2d174
SSDEEP

768:LVQlVnKiW0DX/Djx8dV8w2c0GEXv4VmJqQklEwTv7O7CRFrlc0NbXJgHuDdr7svg:LVQTnKyDHO3Z0GEXghlfRzOcZ6udOu1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2d99b0a24052de79f9f528c1031a7a2

Files

c2d99b0a24052de79f9f528c1031a7a2
.exe windows:4 windows x86 arch:x86

abeab51a48209d7ca5c34357d4a1f9c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryExA
DeleteFileA
EnumSystemLocalesW
ExitProcess
FindResourceExW
GetDiskFreeSpaceExA
GetDriveTypeA
GetExitCodeProcess
GetLogicalDrives
GetProcessVersion
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GlobalFree
GlobalWire
InterlockedIncrement
IsSystemResumeAutomatic
OpenEventA
ReadConsoleOutputAttribute
ReleaseSemaphore
RequestDeviceWakeup
SetConsoleTextAttribute
SetLocaleInfoW
SetThreadContext
WritePrivateProfileSectionA

advapi32

AddAccessAllowedAce
AdjustTokenGroups
BackupEventLogW
BuildExplicitAccessWithNameA
BuildImpersonateTrusteeW
CryptDestroyHash
CryptSetProviderExW
CryptSignHashA
EnumServicesStatusA
GetFileSecurityW
GetNamedSecurityInfoExW
GetServiceDisplayNameA
InitiateSystemShutdownW
LookupAccountNameW
LookupSecurityDescriptorPartsW
OpenBackupEventLogW
OpenProcessToken
RegCreateKeyExA
RegEnumValueW
RegSetValueExA
SetFileSecurityA
SetServiceStatus

user32

CharPrevA
CharToOemBuffW
CopyAcceleratorTableA
DdeCmpStringHandles
DdeFreeDataHandle
DdeReconnect
DefDlgProcW
DestroyAcceleratorTable
GetAltTabInfo
GetMenuInfo
GetMenuItemInfoA
GetScrollBarInfo
GetScrollPos
GetWindowContextHelpId
IsRectEmpty
MenuItemFromPoint
MonitorFromWindow
SetCaretPos
SetDlgItemTextA
UnlockWindowStation
ValidateRect

gdi32

AngleArc
ColorMatchToTarget
CreatePolyPolygonRgn
CreateSolidBrush
ExtTextOutA
GdiGetBatchLimit
GetArcDirection
GetBrushOrgEx
GetCharWidthW
GetDeviceCaps
GetKerningPairsW
GetTextExtentExPointW
GetTextFaceW
GetWorldTransform
InvertRgn
LPtoDP
SetBitmapDimensionEx
SetBoundsRect
SetMapMode
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abeab51a48209d7ca5c34357d4a1f9c9

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 41KB - Virtual size: 52KB

.idata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 41KB - Virtual size: 52KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 12KB