c2eb84445ad3247810e12ed9ed6c30ee438dd8b84e9b52ed99a3b4d22c81dbc6

Sharing

Copy URL Twitter E-mail

General

Target

c2eb84445ad3247810e12ed9ed6c30ee438dd8b84e9b52ed99a3b4d22c81dbc6
Size

228KB
MD5

cbc7ae94269553c91b0e62a3c4ef6391
SHA1

e390e11711bc689486206220b5fb826ff4884638
SHA256

c2eb84445ad3247810e12ed9ed6c30ee438dd8b84e9b52ed99a3b4d22c81dbc6
SHA512

69ed740e7199dbdcab8907f773d02b49d4a89800ec0da8a559a88483f51df4f8c96fed6d520af7d759637616cc859713f7d862b2c5ff8b3e46de40cc076c0b4b
SSDEEP

3072:F5rP64t9Ihf0IPmYxnHPhowVJqPQsywmcXi66lTmuJo9AOmY:7P6k9Ihf0IP/nvhowVMP5pNiLO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2eb84445ad3247810e12ed9ed6c30ee438dd8b84e9b52ed99a3b4d22c81dbc6

Files

c2eb84445ad3247810e12ed9ed6c30ee438dd8b84e9b52ed99a3b4d22c81dbc6
.dll windows:4 windows x86 arch:x86

344ed6ffec7f3fe7fc019e97b97ce20e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

FillRect
CreatePopupMenu
DestroyMenu
TrackPopupMenu
AppendMenuA
PtInRect

gdi32

SetTextAlign
CreateSolidBrush
CreateFontIndirectA
SetTextColor
SetBkMode
TextOutA
DeleteObject
LineTo
MoveToEx
SelectObject
CreatePen

msimg32

GradientFill

kernel32

TlsGetValue
GetCurrentProcess
HeapSize
SetEnvironmentVariableA
SetEndOfFile
CreateFileA
GetLocaleInfoW
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapFree
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
GetModuleFileNameA
GetLastError
GetProcAddress
GetModuleHandleA
TerminateProcess
GetEnvironmentStrings
FreeEnvironmentStringsW
CloseHandle
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
SetFilePointer
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
LoadLibraryA
FreeEnvironmentStringsA
GetOEMCP
GetStringTypeA
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
IsBadCodePtr
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
SetStdHandle
ReadFile
GetACP

Exports

Exports

getModuleProperties
makeModule

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

344ed6ffec7f3fe7fc019e97b97ce20e

Headers

File Characteristics

Imports

user32

gdi32

msimg32

kernel32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 24KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 24KB

.reloc
Size: 16KB - Virtual size: 12KB