c2f3eb06781ec529bd478c8aeb6e0231 | Triage

Sharing

General

Target

c2f3eb06781ec529bd478c8aeb6e0231
Size

189KB
MD5

c2f3eb06781ec529bd478c8aeb6e0231
SHA1

6e9fbf6ef0d9014ad8d59c5769fad4312be52eba
SHA256

6569324aee84a42e0ad745c68c226f3b85f0ee65e1e9b10f12d02d6bbfe77c86
SHA512

addc96f3e22644900e8443f7f76cb22bd5062cf368ecc4425a0273558732136bbdad417aac5e3fe5e9711e354d57c14778759d6c6888f912a10fc2c79422a7d9
SSDEEP

3072:LoI8tABzySD8wDB3JbLqvt5a7QUN+gIMUQ+VGRbFws0w3yn/8RZvT4kogIq5Hg:LoI3BzMwB3JSa7v/P0On0w3QYb4aq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2f3eb06781ec529bd478c8aeb6e0231

Files

c2f3eb06781ec529bd478c8aeb6e0231
.exe windows:5 windows x86 arch:x86

2375d524c42976fae310bde8d81ed6d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\Iwykakg\udeez\BpVve\ooidsll.pdb

Imports

user32

GetWindow
CharLowerW
CharUpperBuffA
DrawTextExW
SetCursor
LoadMenuA
ClipCursor
DestroyAcceleratorTable
GetWindowLongA
GetScrollPos
FillRect
RegisterWindowMessageA

gdi32

Ellipse
SaveDC
GetNearestPaletteIndex
GetNearestColor
EnumFontsW
CreateDiscardableBitmap
SetDIBits

kernel32

VirtualProtect
HeapUnlock
OpenFileMappingW
HeapFree
GetFileAttributesExA
CreateEventW
lstrcmpiW
LoadLibraryW
GlobalGetAtomNameW
MoveFileA
LocalReAlloc
GetProcAddress

Exports

Exports

?YgjIeMifuFqdqapjfzmuHF@@YGHPAHK@Z
?gngBkKfpGOfpbpy@@YGMHPAF@Z

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ