2c1d768699f94479a5130fbe1ca00ad3560b4c931a0ca919d75370855b31d0d9

Sharing

Copy URL Twitter E-mail

General

Target

2c1d768699f94479a5130fbe1ca00ad3560b4c931a0ca919d75370855b31d0d9
Size

6.5MB
MD5

534de5965c0f57972cdec613952fc6e9
SHA1

c548cd21c57f72dce400d63da476732199ca6337
SHA256

2c1d768699f94479a5130fbe1ca00ad3560b4c931a0ca919d75370855b31d0d9
SHA512

8a19ce38417fb0c64096b3654e97dc02df0a70b9eb9d805763755a213df3c5a1ba0b4aededa4938411c3c5fe3a4ea987dde5629bb908d730a6f49b73435f8237
SSDEEP

98304:UyOIieLe+W8jsDyLtkBxdOC1Zk4VMah3oMufgfHOTMZYh0f+7NDQcwBZL4:UyOIieLegjmktGyCXk4VhV2qHOoBL4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c1d768699f94479a5130fbe1ca00ad3560b4c931a0ca919d75370855b31d0d9

Files

2c1d768699f94479a5130fbe1ca00ad3560b4c931a0ca919d75370855b31d0d9
.dll windows:6 windows x86 arch:x86

abcb5e44bc33d821e4305736f6e0dbe5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
CreateEventW
GetModuleFileNameA
DeleteCriticalSection
TlsAlloc
LocalFree
EnumResourceNamesW
CreateFileA
MapViewOfFile
UnmapViewOfFile
FindResourceW
EnumCalendarInfoW
VerSetConditionMask
CompareFileTime
SignalObjectAndWait
VirtualFree
ExpandEnvironmentStringsA
GetPrivateProfileStringW
VirtualQueryEx
SetCommState
OpenProcess
InitializeCriticalSectionAndSpinCount
GetFileAttributesA
GetFileAttributesW
MulDiv
CreateProcessA
GetOverlappedResult
MultiByteToWideChar
GlobalUnlock
RaiseException
VirtualAlloc
GetSystemTimeAsFileTime
LoadLibraryA
GetStringTypeW
GetVersion
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
WriteFile
GetFileType
GetStdHandle
GetOEMCP
IsValidCodePage
VerifyVersionInfoW
GetACP
Beep
SizeofResource
Sleep
IsDBCSLeadByteEx
GetUserDefaultLangID
RtlCaptureContext
GetLogicalDrives
WaitForSingleObject
LoadResource
GetSystemDefaultUILanguage
GetDriveTypeW
EnterCriticalSection
IsDebuggerPresent
GetProcessHeap
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
WideCharToMultiByte
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
HeapFree
RtlUnwind
HeapAlloc
GetCommandLineA
GetCurrentThreadId
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
LCMapStringW
GetLocaleInfoW

user32

GetMenuStringW
DestroyAcceleratorTable
GetKeyState
GetWindowInfo
CreateIconIndirect
GetClassNameW
EnumChildWindows
InsertMenuW
BeginDeferWindowPos
GetWindow
CheckMenuItem
DrawFrameControl
ModifyMenuW
GetDC
GetMenu
CheckMenuRadioItem
SystemParametersInfoW
GetDesktopWindow
GetSysColorBrush
DrawMenuBar
MessageBoxW
MapWindowPoints
DestroyMenu
SetWindowTextW
GetWindowThreadProcessId

gdi32

GetTextExtentPoint32W
CombineRgn
SetROP2
GetRgnBox
GetTextExtentPointW
SetWindowOrgEx

advapi32

RegLoadKeyW
RegUnLoadKeyW
AdjustTokenPrivileges
StartServiceW
RegOpenKeyExA
OpenSCManagerW

shell32

ExtractIconExW
ShellExecuteW

ole32

CoInitialize

oleaut32

SysFreeString
SysReAllocStringLen
VariantClear

Sections

.text
Size: 536KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 26.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abcb5e44bc33d821e4305736f6e0dbe5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 536KB - Virtual size: 536KB

.data Size: 5.9MB - Virtual size: 26.1MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 536KB - Virtual size: 536KB

.data
Size: 5.9MB - Virtual size: 26.1MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB