c2f1d36681dea05fc24c9fb1524442c2

Sharing

Copy URL

Twitter E-mail

General

Target

c2f1d36681dea05fc24c9fb1524442c2
Size

419KB
MD5

c2f1d36681dea05fc24c9fb1524442c2
SHA1

5ce2b098b54c7d11a136984d5b979a6e2c61dfba
SHA256

a821fe6061c1b275c7ff8feb6b2ec18212c6dc0fe4415554f5dae62e8c7fdcd1
SHA512

a7103a67ed4ad87733532cdbf743569308fe2decfcfcd1a1877fb65b85f65530f7bc65f5082cddbde032cdfe59385a7e976c2c0b18a2f96507ad6143946a3d4b
SSDEEP

6144:nrfEQzHGUTwfUaGawvZakrGnRt4iginGXXrQwIAbo/tpjJBDJ41:nrfrmiYU3awvPrwBgiWQwm1p3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2f1d36681dea05fc24c9fb1524442c2

Files

c2f1d36681dea05fc24c9fb1524442c2
.exe windows:4 windows x86 arch:x86

55ef506772023f30c92ed6e6c60bef33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\efsabp\cxegt\tra\uqvpuoef.pdb

Imports

user32

DefWindowProcW
MessageBoxA
DlgDirListW
IsIconic
InvalidateRgn
GetDesktopWindow
DialogBoxIndirectParamW
DdeAbandonTransaction
RegisterClassA
IsDialogMessageA
SetMenuItemBitmaps
ShowWindow
CopyAcceleratorTableA
DefWindowProcA
EndTask
ChangeClipboardChain
TileChildWindows
MoveWindow
CreateWindowExA
EnumPropsExA
BroadcastSystemMessageA
DestroyWindow
SetWindowLongA
MapVirtualKeyExA
IsDialogMessageW
SetWindowLongW
DdeFreeDataHandle
GetMonitorInfoA
SubtractRect
TrackMouseEvent
DdeSetUserHandle
IsCharAlphaNumericA
EnumDisplaySettingsExW
DlgDirListA
GetWindowPlacement
GetDlgItemInt
CreateIconFromResourceEx
RegisterClassW
RegisterClassExA

comctl32

CreateStatusWindowA
ImageList_GetIconSize
CreateStatusWindow
ImageList_AddIcon
ImageList_LoadImageW
ImageList_Read
MakeDragList
ImageList_Duplicate
ImageList_SetImageCount
ImageList_GetDragImage
DrawStatusTextA
ImageList_GetImageCount
ImageList_Write
_TrackMouseEvent
CreateStatusWindowW
DestroyPropertySheetPage
InitMUILanguage
ImageList_DragEnter
ImageList_Add
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_GetImageInfo
GetEffectiveClientRect

kernel32

FileTimeToDosDateTime
LockResource
FoldStringW
UnlockFileEx
HeapDestroy
FreeEnvironmentStringsA
TlsSetValue
GetProcessHeap
SetEnvironmentVariableA
GetTimeZoneInformation
DebugBreak
LocalUnlock
GetStartupInfoW
GetSystemTimeAsFileTime
FlushViewOfFile
CreateMutexA
CreatePipe
GetPrivateProfileSectionA
GetDiskFreeSpaceA
VirtualFree
GlobalUnlock
DeleteFileA
HeapSize
GetPrivateProfileSectionNamesA
SetFilePointer
GetEnvironmentVariableA
GetEnvironmentStringsW
TerminateProcess
GetTempPathA
Sleep
TlsGetValue
FlushFileBuffers
WriteFile
QueryPerformanceCounter
GetAtomNameA
GetTempFileNameW
GetLastError
VirtualLock
DeleteFiber
IsBadWritePtr
LCMapStringW
CreateMailslotA
GetVersionExA
GetModuleFileNameA
OpenMutexA
FindNextFileW
InitializeCriticalSection
CloseHandle
GetStartupInfoA
GetVolumeInformationW
GetEnvironmentStrings
ReadFile
WriteConsoleOutputAttribute
GetOEMCP
CompareStringA
HeapReAlloc
TlsFree
GetStringTypeA
GetCPInfo
GlobalUnfix
GetDateFormatA
InterlockedExchange
HeapFree
FreeEnvironmentStringsW
CompareStringW
DeleteCriticalSection
VirtualAlloc
GetPrivateProfileIntA
GetCalendarInfoW
LeaveCriticalSection
GetStdHandle
GetNumberFormatW
GetTimeFormatA
GetFileAttributesW
SetComputerNameW
ExitThread
GetCurrentThread
SetLocalTime
WritePrivateProfileStructW
FlushInstructionCache
GetLocaleInfoW
lstrcatA
GetCurrentThreadId
LocalFileTimeToFileTime
LocalCompact
SetLastError
FindFirstFileExW
GetCurrentProcessId
ReadConsoleInputA
EnterCriticalSection
ReadConsoleInputW
IsValidLocale
GetACP
VirtualQuery
IsValidCodePage
CreateNamedPipeA
SetStdHandle
HeapCreate
GetPrivateProfileSectionNamesW
MultiByteToWideChar
CreateDirectoryA
LCMapStringA
ExitProcess
WideCharToMultiByte
GetCommandLineA
GetFileType
CreateFileMappingW
GetUserDefaultLCID
HeapAlloc
EnumSystemLocalesA
GetCommandLineW
GetTickCount
UnhandledExceptionFilter
GetLocalTime
GetProcAddress
lstrcmp
GetProfileSectionA
TlsAlloc
VirtualUnlock
RtlUnwind
GetModuleFileNameW
GetStringTypeW
VirtualProtect
SetConsoleCursorInfo
SetCurrentDirectoryA
GetLocaleInfoA
SetHandleCount
CreateFileMappingA
GetFullPathNameA
GetSystemInfo
GetModuleHandleA
LoadLibraryA
GetTimeFormatW
GetCurrentProcess

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55ef506772023f30c92ed6e6c60bef33

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 97KB - Virtual size: 112KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 97KB - Virtual size: 112KB

.rsrc
Size: 52KB - Virtual size: 51KB