c2fbbcaedc4312b67c5780055754ab5a

Sharing

Copy URL Twitter E-mail

General

Target

c2fbbcaedc4312b67c5780055754ab5a
Size

84KB
MD5

c2fbbcaedc4312b67c5780055754ab5a
SHA1

76ccc5be520c02943afacefe5e2bcc8d610d4a46
SHA256

78fd23fed714aaaaa9c578106d08ab7331b3b34e341c05979f2c6ad7cfcf4349
SHA512

422a5b6efdebfbdccb0e0c0313e2c16d7c196bd438a73176686cf4fe2a2afbf003b1e657f08df66746faaa9886837bed4b22db9938ec2159907503ee36db3809
SSDEEP

768:8k6S5c2vfwO9/vP5FHx060hSt/gE4U376aNwcnxnTZooNCraHoVD8of:J6SakY4vP7X083maN5xaSCVoof

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2fbbcaedc4312b67c5780055754ab5a

Files

c2fbbcaedc4312b67c5780055754ab5a
.exe windows:4 windows x86 arch:x86

e3a196a02fa1317c37d401b1acded4e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSASocketA
setsockopt
htonl
sendto
gethostbyname
closesocket
recv
WSACleanup
WSAGetLastError
WSAStartup
socket
inet_addr
htons
connect
send
WSAAsyncSelect

kernel32

VirtualAlloc
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
GetProcAddress
LoadLibraryA
FreeLibrary
LocalFree
MapViewOfFile
CloseHandle
GetVersionExA
UnmapViewOfFile
ExitProcess
CreateProcessA
CopyFileA
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentDirectoryA
SetPriorityClass
GetCurrentProcess
ResumeThread
CreateThread
Sleep
ExpandEnvironmentStringsA
IsBadWritePtr
CreateFileA
GetTempPathA
WaitForSingleObject
TerminateThread
GlobalMemoryStatus
GetComputerNameA
GetCurrentProcessId
GetTickCount
HeapAlloc
GetProcessHeap
VirtualFree
GetLastError
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
ReadFile
SetStdHandle
WriteFile
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter

user32

wsprintfA
DefWindowProcA
PostQuitMessage
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
DispatchMessageA
TranslateMessage

advapi32

OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3a196a02fa1317c37d401b1acded4e0

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 19KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 19KB