c2c3f8706e7a1931258b5a044133628ae4c13ba0560ce70d0b4ca141f2aed0e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2c3f8706e7a1931258b5a044133628ae4c13ba0560ce70d0b4ca141f2aed0e4
Size

1020KB
MD5

d69e715da9fd0f0783885465890b4790
SHA1

2b2dd406f36d4e10058b856a938c4d2feeed3698
SHA256

c2c3f8706e7a1931258b5a044133628ae4c13ba0560ce70d0b4ca141f2aed0e4
SHA512

178170fa200be0ff32d15c90248a69c56caedc270dd25f4fe908ab04a2914ceb3915fcc4adcd51bfae48e070bb29f19fe5b70a11bda2473e37e7e9e7f441f185
SSDEEP

24576:nNaFYnyfroyaPNWqXBRCx1IeON87+hHyIyyag00vuxxG3O:nNajs7lu0eHYyIP5vuyO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2c3f8706e7a1931258b5a044133628ae4c13ba0560ce70d0b4ca141f2aed0e4

Files

c2c3f8706e7a1931258b5a044133628ae4c13ba0560ce70d0b4ca141f2aed0e4
.exe windows:4 windows x86 arch:x86

006aa32705c27d3161b97b32dd7b3245

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

kernel32

GetModuleFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 64KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 940KB - Virtual size: 940KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ