c2f8b971f090d0f458f0b042b69838c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2f8b971f090d0f458f0b042b69838c2
Size

181KB
MD5

c2f8b971f090d0f458f0b042b69838c2
SHA1

fd9718a68cd7bad1d324579b4590c4aaae0a450b
SHA256

60833259812f7926d1a1820b1b3f578a4bab0f5ddc46a0502c5e9288fd40bea9
SHA512

a9fe36b09e5058c90fddbcea8780c5e4a80d73b836577eca44cdca445e1c5be130cdbe919ec285bb107cfe268388daef62ea9df20208704615bf01c784edfac4
SSDEEP

3072:Ll1uQXWWKlseFGydvvMWno70hIP1Uajp9C1j4sPi9I0lirPSHXyj9C:Z1uJlGy9oAGtD9aLOIQwSHCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2f8b971f090d0f458f0b042b69838c2

Files

c2f8b971f090d0f458f0b042b69838c2
.exe windows:4 windows x86 arch:x86

39ff9aa80647e110161aca5d08c7e00a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

kernel32

GetAtomNameW
GetVolumeInformationA
GetProfileStringA
UnlockFile
SearchPathA
SetEndOfFile
LockFile
FlushFileBuffers
EnumResourceNamesA
GetVersionExA
GetFileType
FileTimeToLocalFileTime
GetFileTime
FileTimeToSystemTime
IsDBCSLeadByte
TzSpecificLocalTimeToSystemTime
GetUserDefaultLangID
CompareStringA
FindResourceExW
GetFileAttributesW
GetSystemDirectoryA

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathAddBackslashA

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ