52c4 - Copia - Copy[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

52c4 - Copia - Copy.exe
Size

44.5MB
MD5

3535895c243c4a5bfc76c1e301699ed2
SHA1

c04fe8359b15a862b74deeab10a67f34040cc993
SHA256

d3957975e7a4f463773fcbec6f939c250393f62c5c470fafd00cff70f34f1cbd
SHA512

1a9127e8c738c0039adb63709afaa1d75ddcaa314f2c98302468a5bdd83cf45bc2a56523629c320d8359e10bb8ba6c3a6ae8099c643d9631cc4df3ab4541d544
SSDEEP

786432:XJwKB2jEM3w5ciA60fnO5ER3JugXll/N+ZYfSYFbS3NQ4PWMzFEc8ngSALb:XRKm5Xr0fnjR3Jug1l/N+ZmSeshZERna

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c4 - Copia - Copy.exe

Files

52c4 - Copia - Copy.exe
.exe windows:6 windows x86 arch:x86

a53d4e853d461b845fa91452869c0ebd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetShellWindow

advapi32

GetUserNameA

ole32

CoCreateInstance

oleaut32

SysStringLen

ws2_32

WSAStartup

ntdll

RtlFreeHeap

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx

netapi32

NetWkstaGetInfo

imm32

ImmReleaseContext

Sections

.text
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 841KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 36.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx2
Size: 44.5MB - Virtual size: 44.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a53d4e853d461b845fa91452869c0ebd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

ntdll

d3d9

d3dx9_43

netapi32

imm32

Sections

.text Size: - Virtual size: 2.3MB

.rdata Size: - Virtual size: 405KB

.data Size: - Virtual size: 841KB

.upx0 Size: - Virtual size: 36.3MB

.upx1 Size: 2KB - Virtual size: 1KB

.upx2 Size: 44.5MB - Virtual size: 44.5MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 2.3MB

.rdata
Size: - Virtual size: 405KB

.data
Size: - Virtual size: 841KB

.upx0
Size: - Virtual size: 36.3MB

.upx1
Size: 2KB - Virtual size: 1KB

.upx2
Size: 44.5MB - Virtual size: 44.5MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 469B