c30c1197b291408606bb28855e15778b

Sharing

Copy URL

Twitter E-mail

General

Target

c30c1197b291408606bb28855e15778b
Size

244KB
MD5

c30c1197b291408606bb28855e15778b
SHA1

2ee809f8bff882554fe37ab831f091f204097547
SHA256

6ac875b7184b2a5bce6c657668d1c272ba95943e8a6e9825b2b4f1b7796e8611
SHA512

908ad60e40e24e23618e321d933c55696b33784abffb39c00ce2effb6316b4cd79dd46805748cbf8c4a9110849642c948575f1f7c2bceaa8d8651803cb6a2167
SSDEEP

1536:9GGNIXKKvfbNHMKev3yr1l9Q1zTGdulN+cxFHCqnMKzvlLivl1iioYnDCzcZT6c:MZEPyb9QBTUcjH2uvlGvl4KDCzcZT6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c30c1197b291408606bb28855e15778b

Files

c30c1197b291408606bb28855e15778b
.exe windows:4 windows x86 arch:x86

42941736bca398c7925bff58670541b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
FindClose
FindNextFileA
FindFirstFileA
GetVersionExA
GetLastError
RemoveDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
GetCurrentProcess
SetFileAttributesA
OutputDebugStringA
GetCurrentThreadId
SetStdHandle
IsBadCodePtr
VirtualAlloc
VirtualFree
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
HeapReAlloc
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
lstrcmpiA
Sleep
SetEndOfFile
FlushFileBuffers
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetVersion
GetModuleHandleA
SetFileTime
GetFileTime
GetFileSize
DeleteFileA
GetModuleFileNameA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
HeapDestroy
HeapCreate
InitializeCriticalSection
HeapFree
HeapAlloc
MultiByteToWideChar
WideCharToMultiByte
IsBadReadPtr
IsBadWritePtr
lstrlenA
InterlockedDecrement
WriteFile
CreateFileA
ReadFile
SetFilePointer
CloseHandle
VirtualProtect

user32

wsprintfA
GetForegroundWindow
LoadStringA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
GetUserNameA
RegQueryValueExA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42941736bca398c7925bff58670541b1

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

ole32

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 36KB - Virtual size: 33KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 36KB - Virtual size: 33KB