2c4c515cfe33994ea7a8d567b7042c7e75cab3f5460e756cd6ee07321f789f71

Sharing

Copy URL Twitter E-mail

General

Target

2c4c515cfe33994ea7a8d567b7042c7e75cab3f5460e756cd6ee07321f789f71
Size

398KB
MD5

4441d14f56990122984a227141c225b6
SHA1

33307d3da94c06eb9be8071af8d77d9b38ed68b4
SHA256

2c4c515cfe33994ea7a8d567b7042c7e75cab3f5460e756cd6ee07321f789f71
SHA512

f4f7334f2b98f855317220ac9b57818a9296b33bbcb9a3d5764d22dd527f95aa41e474bfe037b53d8d26fb74c0db4189f66025aaee4b4236707c9d090523d769
SSDEEP

1536:OIoc9YiGTDNTxyMlnbHHOcfYVPkRLFztJpiOW:Fv0ThMMlbHu7qttJc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c4c515cfe33994ea7a8d567b7042c7e75cab3f5460e756cd6ee07321f789f71

Files

2c4c515cfe33994ea7a8d567b7042c7e75cab3f5460e756cd6ee07321f789f71
.dll windows:4 windows x86 arch:x86

c77d844b1cfaa42d790f204c4b8a87e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetFileSize
Sleep
CreateFileA
GetProcAddress
LoadLibraryA
GetLastError
CreateMutexA
OpenProcess
GetCurrentProcessId
OutputDebugStringA
WriteFile
MultiByteToWideChar
VirtualAlloc
WaitForSingleObject
CreateProcessA
WinExec
WideCharToMultiByte
DeleteFileA
GetSystemDirectoryA
GetTempPathA
GetVersionExA
GetOEMCP
ReadFile
VirtualFree
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetACP
GetCPInfo
InitializeCriticalSection
HeapSize
ExitThread
GetCurrentThreadId
CreateThread
GetFileAttributesA
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
HeapReAlloc
SetStdHandle
FlushFileBuffers

user32

MessageBoxA
CharLowerA

advapi32

GetUserNameA

shell32

SHGetSpecialFolderPathA

wininet

HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetQueryOptionA
HttpAddRequestHeadersA
InternetOpenA
InternetConnectA
HttpOpenRequestA

psapi

EnumProcessModules
GetModuleBaseNameA

ws2_32

WSACleanup
inet_ntoa
gethostbyname
gethostname
WSAStartup

Exports

Exports

fuc_trend

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c77d844b1cfaa42d790f204c4b8a87e9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

psapi

ws2_32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 21KB

.reloc Size: 6KB - Virtual size: 6KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 21KB

.reloc
Size: 6KB - Virtual size: 6KB

.shell
Size: 320KB - Virtual size: 320KB