2c503baff16b55a21344a28e8a67091f3e4fd032e248829dea27acb84221a7ba

Sharing

Copy URL

Twitter E-mail

General

Target

2c503baff16b55a21344a28e8a67091f3e4fd032e248829dea27acb84221a7ba
Size

143KB
MD5

84336b022808645081a048f830bec467
SHA1

4bcecbf966dd4c6f35a827c1f37a5f1cbdc209d7
SHA256

2c503baff16b55a21344a28e8a67091f3e4fd032e248829dea27acb84221a7ba
SHA512

984f635adcddfd6d6b61c776e1702960a47437ee7b30bad01bf6f072840ca689514c185256decd3afdf05c9266265ad171c1341dbaaade2a8c625964886ca1ed
SSDEEP

3072:a2svraAop2+T5NyYs+rAestrxD4yJtPpsCaSpB:Zs+p2+FNJ+rtdVp9HB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/1d778359ab155cb190b9f2a7086c3bcb4082aa195ff8f754dae2d665fd20aa05.exe

Files

2c503baff16b55a21344a28e8a67091f3e4fd032e248829dea27acb84221a7ba
.zip

Password: infected
1d778359ab155cb190b9f2a7086c3bcb4082aa195ff8f754dae2d665fd20aa05.exe
.exe windows:5 windows x86 arch:x86

0f630aaf8b5c4e958445ec0c2d5ec47e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

*Qf69@+mESRA.RY7*+6XEF#NH.pdb

Imports

secur32

EnumerateSecurityPackagesA

msvcrt

_controlfp
_except_handler3
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs

kernel32

GetThreadLocale
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
FlushInstructionCache
EnumUILanguagesW
GetConsoleSelectionInfo
PrepareTape

gdi32

SetBitmapDimensionEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

0f630aaf8b5c4e958445ec0c2d5ec47e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

secur32

msvcrt

kernel32

gdi32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 2KB - Virtual size: 7KB

.crt1 Size: 10KB - Virtual size: 10KB

CRT Size: 39KB - Virtual size: 39KB

.crt Size: 15KB - Virtual size: 14KB

.rsrc Size: 73KB - Virtual size: 73KB

.reloc Size: 1KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 2KB - Virtual size: 7KB

.crt1
Size: 10KB - Virtual size: 10KB

CRT
Size: 39KB - Virtual size: 39KB

.crt
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 73KB - Virtual size: 73KB

.reloc
Size: 1KB - Virtual size: 2KB