2ca09185bf4c9a91fbe61dc5c647747ffab0b0b4df1610369e2be0d40a7213fcN[.]exe

General

Target

2ca09185bf4c9a91fbe61dc5c647747ffab0b0b4df1610369e2be0d40a7213fcN.exe
Size

200KB
MD5

edf2ff7e9630753b934a75dbb68c6c70
SHA1

1e7c732e560d919ba385f820475285cf671dddab
SHA256

2ca09185bf4c9a91fbe61dc5c647747ffab0b0b4df1610369e2be0d40a7213fc
SHA512

51d9d19a27754de7412196c8764ea8d049d52de2edd821d2e3add1168c2fd39fb7ee4212348e26c35ff214144ec8511feb38838c15ab77c18c91b834f7958892
SSDEEP

6144:vukYWCETm5kGEiSQ47x6naOe0HjkVUGARtjk1jQi:vukphTjGwB7SaOeCeUGYiEi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca09185bf4c9a91fbe61dc5c647747ffab0b0b4df1610369e2be0d40a7213fcN.exe

Files

2ca09185bf4c9a91fbe61dc5c647747ffab0b0b4df1610369e2be0d40a7213fcN.exe
.dll regsvr32 windows:4 windows x86 arch:x86

ecfb7f2185392039069971ccae4d4bd7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

rpcrt4

NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrClientCall2

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 4KB - Virtual size: 470B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ecfb7f2185392039069971ccae4d4bd7

Headers

File Characteristics

Imports

kernel32

rpcrt4

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 470B

.orpc Size: 4KB - Virtual size: 736B

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 584B

.reloc Size: 4KB - Virtual size: 526B

.text Size: 172KB - Virtual size: 172KB

.text
Size: 4KB - Virtual size: 470B

.orpc
Size: 4KB - Virtual size: 736B

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 584B

.reloc
Size: 4KB - Virtual size: 526B

.text
Size: 172KB - Virtual size: 172KB