2c9d45410df26a0fbadc2fe57fd98ef46dfd08782e3afee29e9f0dc3da4e5521N

Sharing

Copy URL Twitter E-mail

General

Target

2c9d45410df26a0fbadc2fe57fd98ef46dfd08782e3afee29e9f0dc3da4e5521N
Size

396KB
MD5

e2c7932c8da12e55af6e9726bcca7f20
SHA1

3a244be0d95ab127eeba149a4b1bf02fef7531da
SHA256

2c9d45410df26a0fbadc2fe57fd98ef46dfd08782e3afee29e9f0dc3da4e5521
SHA512

1dc99d7ecd770ebcb8b0c306dad9086c5e391eedda3e6b01dbb797961112f1d1b2fb881d3ebab3c06a77d5f93273ab3d049bd6d1e9a5d359e90d3c81c855fdac
SSDEEP

12288:ndyll2ok27/CH/bUM1dGYiDeHCppEZ15BDQ2oSq:dwlj/CzUM1U7o15ha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c9d45410df26a0fbadc2fe57fd98ef46dfd08782e3afee29e9f0dc3da4e5521N

Files

2c9d45410df26a0fbadc2fe57fd98ef46dfd08782e3afee29e9f0dc3da4e5521N
.exe windows:5 windows x86 arch:x86

f0aadd7c6f7c9ab93e7f2030d5e0b551

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetThreadPriority
ExitThread
WaitForSingleObjectEx
EncodePointer
TryEnterCriticalSection
HeapFree
CreateFileA
EnumSystemLanguageGroupsA
HeapCreate
ConnectNamedPipe
GetSystemDefaultLCID
SetThreadAffinityMask
DecodePointer
InterlockedFlushSList
CreateFileMappingA
HeapSummary
GetSystemTimeAdjustment
ConvertDefaultLocale
WriteFileEx
HeapReAlloc
MapViewOfFileEx
GetTickCount
CreateEventA
HeapCompact
MapViewOfFile
lstrcatA
lstrcpynA
GetThreadPriorityBoost
SetThreadExecutionState
ReadFile
CallNamedPipeA
FlushViewOfFile
SetFilePointerEx
CreateThread
InterlockedPushEntrySList
GetSystemDefaultLangID
FileTimeToLocalFileTime
HeapDestroy
HeapAlloc
GetThreadLocale
SetEnvironmentVariableA
SwitchToThread
SetLocaleInfoA
FreeEnvironmentStringsA
GetNamedPipeInfo
LeaveCriticalSection
EnumSystemLocalesA
GetSystemTime
GetEnvironmentStringsA
VirtualAllocEx
InterlockedDecrement
lstrcpyW
lstrcpynW
GetFileTime
InterlockedIncrement
SuspendThread
GetQueuedCompletionStatus
GetThreadSelectorEntry
GetSystemTimeAsFileTime
CreateIoCompletionPort
SetEvent
EnterCriticalSection
WriteFileGather
CreateNamedPipeA
GetSystemTimes
WaitForSingleObject
InitializeCriticalSection
PeekNamedPipe
IsValidLanguageGroup
RtlFillMemory
OpenFileMappingA
SetFilePointer
GetUserDefaultLCID
InterlockedPopEntrySList
UnmapViewOfFile
lstrcmpW
OpenThread

advapi32

RegQueryValueExW
RegCreateKeyW
RegQueryValueExA
RegFlushKey
RegDeleteValueW

msvcrt

_adjust_fdiv
isdigit
_c_exit
__p__fmode
_initterm
__set_app_type
__setusermatherr

user32

ShowCursor
LoadBitmapW
FlashWindow
EndPaint
SetWindowTextW
GetSysColor
SetWindowPos
SetTimer
KillTimer
PostQuitMessage
GetWindowDC
DefWindowProcW
GetDesktopWindow
TranslateMessage
ReleaseDC

Sections

.text
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0aadd7c6f7c9ab93e7f2030d5e0b551

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

Sections

.text Size: 242KB - Virtual size: 242KB

.data Size: 144KB - Virtual size: 143KB

.rsrc Size: 9KB - Virtual size: 372KB

.text
Size: 242KB - Virtual size: 242KB

.data
Size: 144KB - Virtual size: 143KB

.rsrc
Size: 9KB - Virtual size: 372KB