cd2c3340083e981fab590819cbc3d9f8

Sharing

Copy URL

Twitter E-mail

General

Target

cd2c3340083e981fab590819cbc3d9f8
Size

60KB
MD5

cd2c3340083e981fab590819cbc3d9f8
SHA1

13a842f5554327588cb9e15861550294a79b7582
SHA256

b30176399568008aacbec4927bc8e6f0607f59af15f84efce905ec874b264a23
SHA512

4e79b8ef26f236603ed0f94f160a5bffec6732cb39369f9768b96584717bbd8f1bffffe568095db709e5066ced92e94150f39d419c8e625da502a266cfe7b3c4
SSDEEP

1536:QwzpxlzyTbhZfTJzoBmReE4BgjmeUCQ95zXd3Wvq:PzpxlzyTbXCBmRxhdZCzXdGvq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd2c3340083e981fab590819cbc3d9f8

Files

cd2c3340083e981fab590819cbc3d9f8
.exe windows:5 windows x86 arch:x86

efe1a246109846a3c1365f6650e3a651

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetCommandLineA
RaiseException
CreateProcessA
SetInformationJobObject
GetTempFileNameW
ReleaseSemaphore
TermsrvAppInstallMode
GlobalMemoryStatusEx
ExitProcess
GetStringTypeA
HeapAlloc
MapViewOfFile
GetProcessHeap
CloseHandle
VirtualQuery
IsProcessorFeaturePresent
HeapFree
GetThreadContext
SetFilePointer
LCMapStringA
LockFileEx
GetTempPathW
FreeLibrary
GetDiskFreeSpaceW
CreateFileMappingA
LocalFree
WriteFile
HeapReAlloc
GetStartupInfoA
CreateTimerQueue
DeviceIoControl
GetVersion
GetThreadLocale
InterlockedExchange
GetFileSize
GetVersionExA
SetConsoleWindowInfo
OpenThread
CreateFileA
ReadFile
FreeEnvironmentStringsW
GetCurrentDirectoryW
FormatMessageA
GetLogicalDriveStringsA
GetStringTypeW
LCMapStringW
SearchPathA
GetTempPathA
CreateFileW
GetLongPathNameW
GetProcAddress
SearchPathW
GetShortPathNameW
CreateProcessW
CompareFileTime

ole32

CoLockObjectExternal
CreateDataAdviseHolder
OleBuildVersion
CoQueryClientBlanket

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA

shell32

SHFileOperationA
SHGetPathFromIDListA
SHGetFileInfoA
SHGetSpecialFolderLocation
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rxga
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 138KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efe1a246109846a3c1365f6650e3a651

Headers

File Characteristics

Imports

kernel32

ole32

version

advapi32

shell32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 119KB

.rxga Size: 3KB - Virtual size: 3KB

.edata Size: 138KB - Virtual size: 271KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 119KB

.rxga
Size: 3KB - Virtual size: 3KB

.edata
Size: 138KB - Virtual size: 271KB