2c57ac755373010c1b9455c135897707fb0dfc53581d4bbe736ad24e4a8ec077 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c57ac755373010c1b9455c135897707fb0dfc53581d4bbe736ad24e4a8ec077
Size

584KB
MD5

b1dab3a456bb8e9c3381499279a3b573
SHA1

d16c6f913b3bebdf698e2aa2e475771995462bc7
SHA256

2c57ac755373010c1b9455c135897707fb0dfc53581d4bbe736ad24e4a8ec077
SHA512

7819576d34e4ff05fd5690c85f08c4047ce727054a1b7669a1b6cf83e47755d7d519c886b78f4e9c09a04ce363da09c94d1008235f6a36d2caa206826d6727b9
SSDEEP

12288:gT0DudXezE09Si/ckGHt6pshsPSGkYl2XIQCb+Lk1TWbPXQnAN5L:7gXe4i7ojhsP5Lgrk1TWb4AN5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c57ac755373010c1b9455c135897707fb0dfc53581d4bbe736ad24e4a8ec077

Files

2c57ac755373010c1b9455c135897707fb0dfc53581d4bbe736ad24e4a8ec077
.exe windows:4 windows x86 arch:x86

9ef5b5d8e4c09f5de41373a2a3ca384d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mozcrt19

calloc
strlen
strchr
strncmp
fputs
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
free
__p__commode
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
fopen
fread
ferror
fclose
memcpy
qsort
fwrite
__iob_func
fprintf
strcmp
perror
exit
_adjust_fdiv
_stat64i32

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE