2c629d62fea650848c4009cafff91e33b1047181611364eeeee56430620af7ca[.]exe

General

Target

2c629d62fea650848c4009cafff91e33b1047181611364eeeee56430620af7ca.exe
Size

191KB
MD5

30c33e7e58544f87a665303845f0bace
SHA1

0d27d98ffa3b09522e2d102accfe1e78e8f38502
SHA256

2c629d62fea650848c4009cafff91e33b1047181611364eeeee56430620af7ca
SHA512

66fbc958543da2ab1ca08110d739ff2fba64c3b35c371cecff3e82c92a51348a00111bba0d4c98ac6bf0ba7e05a2b7af76b03b24ee97c80e03b212c958b097a6
SSDEEP

3072:5O0FGiGfYYlA6iQK0ZiBitGEWqcjuNl7sUmCkweP1y8NN1bjVgO0/:5dVEYYlA6idI8EWFjylvmCktN13Vgn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2c629d62fea650848c4009cafff91e33b1047181611364eeeee56430620af7ca.exe

Files

2c629d62fea650848c4009cafff91e33b1047181611364eeeee56430620af7ca.exe
.exe windows:4 windows x86 arch:x86

c73b8852ca5b74c5fee8c98c34502890

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TerminateProcess
WriteConsoleW
HeapFree
InitializeCriticalSection
CreateFileA
GetThreadPriority
ReadFile
SetUnhandledExceptionFilter
HeapSize
GetModuleHandleA
CloseHandle
SetStdHandle
GetProcessHeap
GetCurrentProcess
EnumSystemLocalesA
PurgeComm
LeaveCriticalSection
ExitProcess
GetCurrentThreadId
InterlockedIncrement
MultiByteToWideChar
DeleteCriticalSection
EnterCriticalSection
EnumResourceNamesA
HeapReAlloc
SetEndOfFile
WriteFile
GetConsoleOutputCP
RtlUnwind
WriteConsoleA
GetProcAddress
RaiseException
ExitProcess
IsDebuggerPresent
GetFullPathNameW
Sleep
GetCurrentDirectoryW
GetCommandLineA
InterlockedDecrement
GetCPInfo
UnhandledExceptionFilter
GetLastError
WideCharToMultiByte
GetModuleFileNameW
IsValidCodePage
LCMapStringA
GetVersionExA
HeapAlloc
GetLocaleInfoW
GlobalAlloc
LCMapStringW
IsValidLocale
GetUserDefaultLCID
GetFullPathNameA

rpcrt4

UuidCreate

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

GetClassLongA
MessageBoxW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c73b8852ca5b74c5fee8c98c34502890

Headers

File Characteristics

Imports

kernel32

rpcrt4

advapi32

user32

shell32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 27KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 88KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 27KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 88KB