2f21a1374622417561cc5ec162c134894b9b84a24cd7e5daea137006795cf370[.]exe

General

Target

2f21a1374622417561cc5ec162c134894b9b84a24cd7e5daea137006795cf370.exe
Size

302KB
MD5

21ce5fac25862da9bb37d3aa814134b8
SHA1

94d78cf60199cd3f8acc869b39d4b4248604daa4
SHA256

2f21a1374622417561cc5ec162c134894b9b84a24cd7e5daea137006795cf370
SHA512

a5ca03ff0869d81d7af1bc9904008725132eede9c246251f38aa2ff1ea16fa2371bc55249a80aa137fcaae7d4f0cbc98a27ee172f9c80f3ce5eac0cdb8a86690
SSDEEP

6144:K9d2UEsvUo+/+33MyPsaoyY2eHlaNOIyltCWhkcyPfF:2yYR+c30MYnHthqHF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f21a1374622417561cc5ec162c134894b9b84a24cd7e5daea137006795cf370.exe

Files

2f21a1374622417561cc5ec162c134894b9b84a24cd7e5daea137006795cf370.exe
.exe windows:4 windows x86 arch:x86

9fd655e51f78bb96dbb09d8051830972

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
RtlUnwind
GetCommandLineA
GetVersionExA
RaiseException
HeapFree
HeapAlloc
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
VirtualAlloc
HeapReAlloc
FlushFileBuffers
SetFilePointer
CloseHandle
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
LoadLibraryA
InterlockedExchange
GetACP
GetOEMCP
SetStdHandle
ReadFile
GetLocaleInfoW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9fd655e51f78bb96dbb09d8051830972

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 9KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 9KB