c2ed70cfdc9b44a7f69af35a2f76f68d

Sharing

Copy URL Twitter E-mail

General

Target

c2ed70cfdc9b44a7f69af35a2f76f68d
Size

412KB
MD5

c2ed70cfdc9b44a7f69af35a2f76f68d
SHA1

03584f8d0244465691fd1e7baa66a99988917897
SHA256

14c4aa32d756a2f5b3df4e55c7f1fa1d1d98995860fb1fc4df2fd521bb219d1d
SHA512

cc7cbdbe98035157320ddfb68c5f502b68e19ba3114cc0f5a7c213ab497e8b88a0afbad61adf5d09342a7b4ae35a137d3285ffefc2b27ed6d06ef4f6c1b606bf
SSDEEP

12288:ONANK+2b/oqryXYgat3951xJ/UpIHI1ps:OGNQfMW51xJsGo1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2ed70cfdc9b44a7f69af35a2f76f68d

Files

c2ed70cfdc9b44a7f69af35a2f76f68d
.exe windows:4 windows x86 arch:x86

edbed53255f12e3b3acd8786832cff8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ijlxwtfz\xyxjoe\lowoa\eusj\ltpbve.pdb

Imports

kernel32

LoadLibraryW
GetLastError
FlushFileBuffers
LCMapStringW
GetLocaleInfoA
WriteConsoleOutputW
CompareStringW
HeapReAlloc
CreateSemaphoreA
GetStdHandle
GetTempFileNameW
HeapCreate
Sleep
FillConsoleOutputCharacterW
SetConsoleScreenBufferSize
OpenMutexA
GetProcessHeap
SetStdHandle
SetLocalTime
TlsAlloc
TlsGetValue
InterlockedDecrement
TlsFree
GetCommandLineA
GetCurrentThread
RemoveDirectoryA
CreateMutexW
SetFilePointer
CreateMutexA
InterlockedIncrement
LockResource
GetStringTypeW
SetThreadPriority
GetProcAddress
InterlockedExchange
EnumDateFormatsExA
GlobalUnfix
GetLocaleInfoW
GlobalAddAtomA
GetTimeFormatA
LocalFlags
GetVersionExA
FreeResource
LCMapStringA
GetSystemTimeAsFileTime
EnterCriticalSection
SetThreadAffinityMask
LoadLibraryA
GetCurrentProcess
DuplicateHandle
ExitProcess
GetProcessHeaps
FindFirstFileExW
HeapFree
CompareStringA
ReleaseMutex
ReadConsoleOutputAttribute
FoldStringA
WideCharToMultiByte
SystemTimeToTzSpecificLocalTime
TlsSetValue
GetFileType
IsValidCodePage
GetCurrentThreadId
SetConsoleCursorInfo
IsDebuggerPresent
GetConsoleCP
FileTimeToLocalFileTime
WriteFile
LeaveCriticalSection
GetExitCodeThread
GetACP
GetFileSize
InitializeCriticalSection
HeapAlloc
SetConsoleActiveScreenBuffer
GetDateFormatA
VirtualFree
SleepEx
SetConsoleCtrlHandler
CreateFileA
DeleteCriticalSection
GetVersionExW
FindFirstFileA
GetEnvironmentStringsW
FileTimeToDosDateTime
GetOEMCP
GetPriorityClass
CreateRemoteThread
QueryPerformanceCounter
TerminateProcess
GetModuleHandleA
ContinueDebugEvent
GetStartupInfoA
UnhandledExceptionFilter
CloseHandle
GetCPInfo
LoadModule
RtlZeroMemory
GetModuleFileNameA
GetMailslotInfo
VirtualAlloc
SetUnhandledExceptionFilter
SetThreadContext
GetComputerNameA
GetCurrentProcessId
ExpandEnvironmentStringsW
lstrcpyW
WriteConsoleW
WaitNamedPipeA
GetConsoleMode
GetPrivateProfileStringW
SetHandleCount
GetEnvironmentStrings
EnumTimeFormatsA
IsValidLocale
GetThreadLocale
GetConsoleOutputCP
EnumSystemLocalesA
FreeLibrary
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetUserDefaultLCID
GetStringTypeA
GlobalFree
ReadFile
FreeEnvironmentStringsW
OpenFileMappingA
GetLogicalDriveStringsA
EnumSystemCodePagesW
MultiByteToWideChar
HeapSize
GetTickCount
GetCompressedFileSizeW
RtlUnwind
SetLastError
GetConsoleTitleW
GetFileAttributesW
RtlFillMemory
GetFileAttributesExW
VirtualQuery
WriteConsoleA
GetTimeZoneInformation
HeapDestroy

user32

CreateAcceleratorTableA
DdeGetLastError
GetTabbedTextExtentA
CopyIcon
GetWindowRect
WINNLSEnableIME
DdeDisconnectList
MessageBoxW
GetIconInfo
RegisterClassExA
EnumDisplaySettingsExA
GetTitleBarInfo
GetTopWindow
CopyImage
KillTimer
GetDesktopWindow
SetDoubleClickTime
RegisterWindowMessageW
CreateDialogParamA
DrawIcon
CreateIconFromResourceEx
GetForegroundWindow
DdeQueryStringA
CreateWindowExA
EnumWindowStationsW
LoadKeyboardLayoutA
UnionRect
MessageBoxA
LoadCursorFromFileW
CharNextW
AdjustWindowRectEx
SetDlgItemTextA
DestroyWindow
DestroyCursor
DdeAccessData
DlgDirListComboBoxW
DialogBoxIndirectParamA
SetUserObjectInformationW
LoadKeyboardLayoutW
SetClassLongW
SetClipboardViewer
ChangeDisplaySettingsExA
GetWindowTextW
ValidateRgn
CharToOemW
DestroyCaret
DdeGetData
DrawTextW
LoadBitmapW
RegisterClassA
DefWindowProcA
EnumDesktopsA
LoadAcceleratorsW
ShowWindow
UnpackDDElParam
OpenWindowStationW
AppendMenuA
FlashWindowEx

comctl32

ImageList_ReplaceIcon
ImageList_SetIconSize
DrawStatusTextA
CreateStatusWindowW
ImageList_Remove
InitCommonControlsEx

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edbed53255f12e3b3acd8786832cff8c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 96KB - Virtual size: 99KB

.rsrc Size: 76KB - Virtual size: 75KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 96KB - Virtual size: 99KB

.rsrc
Size: 76KB - Virtual size: 75KB