Lx2[.]exe[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

Lx2.exe.bin
Size

3.8MB
MD5

73b6ec72bcda8ee75ca34ce70fda6835
SHA1

72a4fcbdeec89b0b853e185fc5f76d24f3d34f27
SHA256

8a08a551752c9c5b9fe7eebaf2fe86ecc2551fac794843787378e497c14c4d25
SHA512

78dbf45db682547580fb82060f921bd120031e169d63db6df7776ee9461d54cdbdc4f6bd50d4e60279a3945cf0d3444f28f70f52168d5a2a3d556da643913f0f
SSDEEP

49152:ji/sYOXubjvEpzzczhQuiBn3f80PN5Tb5ZF7wGVrrMsSZN1Ts2ab4B6UaEtqyxT9:G/sMvMcFQ465T7FBcg2x1hPXV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Lx2.exe.bin

Files

Lx2.exe.bin
.exe windows x64

0fa6abd5edd1ea3b4502eeb25b682f8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentThread
GetStdHandle
GetConsoleMode
WaitForSingleObject
WriteConsoleW
WaitForSingleObjectEx
CreateMutexA
ReleaseMutex
GetEnvironmentVariableW
RtlLookupFunctionEntry
GetModuleHandleW
FormatMessageW
GetTempPathW
GetModuleFileNameW
CreateFileW
GetFileInformationByHandleEx
GetFullPathNameW
GlobalUnlock
FindNextFileW
CreateDirectoryW
FindFirstFileW
ReleaseSRWLockExclusive
InitializeSListHead
IsProcessorFeaturePresent
GetFileInformationByHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
FindClose
CreateProcessW
GetFileAttributesW
DuplicateHandle
GetCurrentProcessId
CreateNamedPipeW
CreateThread
ReadFileEx
SleepEx
WriteFileEx
GlobalFree
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentDirectoryW
RtlCaptureContext
AcquireSRWLockShared
ReleaseSRWLockShared
CopyFileExW
SleepConditionVariableSRW
Sleep
WakeConditionVariable
GetModuleHandleA
GlobalSize
GlobalLock
GlobalAlloc
MultiByteToWideChar
SetFileCompletionNotificationModes
CreateIoCompletionPort
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetTimeZoneInformation
RtlVirtualUnwind
FlushFileBuffers
GetTickCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
FreeLibrary
GetFileSize
LockFileEx
LocalFree
UnlockFile
HeapDestroy
HeapCompact
LoadLibraryW
DeleteFileW
DeleteFileA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
UnmapViewOfFile
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
HeapCreate
ReadFile
AreFileApisANSI
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
UnhandledExceptionFilter
TryAcquireSRWLockExclusive
SwitchToThread
GetProcessHeap
WideCharToMultiByte
GetFinalPathNameByHandleW
SetLastError
HeapAlloc
PostQueuedCompletionStatus
SetThreadStackGuarantee
AddVectoredExceptionHandler
GetCurrentProcess
GetProcAddress
LoadLibraryA
WakeAllConditionVariable
AcquireSRWLockExclusive
HeapReAlloc
GetSystemInfo
GetLastError
SetHandleInformation
IsDebuggerPresent
CloseHandle
GetQueuedCompletionStatusEx
SetUnhandledExceptionFilter
GetWindowsDirectoryW
TerminateProcess
SetFilePointerEx
HeapFree

ws2_32

ioctlsocket
WSASocketW
bind
listen
setsockopt
connect
getaddrinfo
WSASend
freeaddrinfo
WSAStartup
WSACleanup
recv
getsockopt
WSAIoctl
send
shutdown
accept
getsockname
WSAGetLastError
getpeername
socket
closesocket

crypt32

CertDuplicateStore
CryptUnprotectData
CertFreeCertificateContext
CertDuplicateCertificateContext
CertCloseStore
CertDuplicateCertificateChain
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertOpenStore
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy

advapi32

CheckTokenMembership
RegQueryValueExW
AllocateAndInitializeSid
FreeSid
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExW
SystemFunction036
RegCloseKey

bcrypt

BCryptGenRandom

user32

EmptyClipboard
EnumDisplaySettingsExW
GetClipboardData
OpenClipboard
GetMonitorInfoW
CloseClipboard
SetClipboardData
EnumDisplayMonitors

ntdll

NtCreateFile
NtCancelIoFileEx
NtDeviceIoControlFile
RtlNtStatusToDosError

secur32

QueryContextAttributesW
FreeContextBuffer
DeleteSecurityContext
EncryptMessage
ApplyControlToken
FreeCredentialsHandle
AcceptSecurityContext
InitializeSecurityContextW
AcquireCredentialsHandleA
DecryptMessage

gdi32

DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetStretchBltMode
StretchBlt
GetDIBits
GetObjectW
DeleteObject
GetDeviceCaps
CreateDCW

ole32

CoInitializeEx
CoInitializeSecurity

vcruntime140

memmove
memcmp
__current_exception_context
__current_exception
memset
__CxxFrameHandler3
strrchr
memcpy
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strcmp
strncmp
strlen
strcspn

api-ms-win-crt-utility-l1-1-0

_rotl64
qsort

api-ms-win-crt-heap-l1-1-0

_msize
_set_new_mode
malloc
free
realloc

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-math-l1-1-0

_dclass
log
__setusermatherr

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
exit
_initterm_e
_c_exit
_initterm
_cexit
_exit
_beginthreadex
_endthreadex
_initialize_onexit_table
__p___argv
_seh_filter_exe
_set_app_type
_register_onexit_function
__p___argc
terminate
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_crt_atexit

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fa6abd5edd1ea3b4502eeb25b682f8a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

crypt32

advapi32

bcrypt

user32

ntdll

secur32

gdi32

ole32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 24KB - Virtual size: 27KB

.pdata Size: 64KB - Virtual size: 63KB

.reloc Size: 26KB - Virtual size: 25KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 24KB - Virtual size: 27KB

.pdata
Size: 64KB - Virtual size: 63KB

.reloc
Size: 26KB - Virtual size: 25KB