Static task: static1
Behavioral task: behavioral1
  Sample: 2ffa1c98be92da5bc3c2d62fe293cd0b36c2a40541a476b61b503c049ecef910.exe
  Resource: win7-20230703-en
Behavioral task: behavioral2
  Sample: 2ffa1c98be92da5bc3c2d62fe293cd0b36c2a40541a476b61b503c049ecef910.exe
  Resource: win10v2004-20230703-en
General
Target: 2ffa1c98be92da5bc3c2d62fe293cd0b36c2a40541a476b61b503c049ecef910
Size: 392KB
MD5: 3c3d07adc901039cd45daeafd46c755b
SHA1: 8a6a3a586a6d63d278eba6933765c7fa94926f5d
SHA256: 2ffa1c98be92da5bc3c2d62fe293cd0b36c2a40541a476b61b503c049ecef910
SHA512: e7f63b31935e4b4981e41a744bda5b34b702e6b803aa3ef241cb92595d3bb214545b2c547c9c0b840a373d53a6817c3f5f0126eb2c0fc07df4629bab2be541ef
SSDEEP: 12288:IjGet45YvtoVofZaQeDjodlmJKFX+L+P01/qnu:IjGet4ibaQeDjodlmJKVQ1/+u
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2ffa1c98be92da5bc3c2d62fe293cd0b36c2a40541a476b61b503c049ecef910
Files
2ffa1c98be92da5bc3c2d62fe293cd0b36c2a40541a476b61b503c049ecef910.exe (windows x86)
8451e4af4ee1b5d9190b061f2b48d36d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCPInfo
GetOEMCP
GetThreadLocale
SetErrorMode
FlushFileBuffers
LockFile
UnlockFile
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
FormatMessageA
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
HeapReAlloc
HeapSize
GetACP
GetProcessVersion
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SizeofResource
GlobalFlags
GetProfileStringA
DeviceIoControl
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
SetLastError
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
FileTimeToLocalFileTime
IsBadReadPtr
IsBadCodePtr
lstrcpynA
GetPrivateProfileIntA
DeleteCriticalSection
InitializeCriticalSection
ReadFile
WriteFile
SetEndOfFile
SetFileTime
EnterCriticalSection
CreateFileA
SetFilePointer
GetFileSize
GetFileTime
LeaveCriticalSection
DuplicateHandle
FileTimeToSystemTime
GetSystemTime
WideCharToMultiByte
CreateToolhelp32Snapshot
Module32First
Module32Next
lstrcpyA
lstrlenA
GetVersionExA
LoadLibraryExA
FreeLibrary
WritePrivateProfileStringA
GetPrivateProfileStringA
FindFirstFileA
FindNextFileA
FindClose
SetCurrentDirectoryA
CreateDirectoryA
CreateMutexA
GetLastError
OpenProcess
Beep
GetLocalTime
SetUnhandledExceptionFilter
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
GetLongPathNameA
GetCurrentProcessId
CreateProcessA
GetTickCount
GetExitCodeThread
WaitForMultipleObjects
TerminateThread
CreateThread
GetHandleInformation
CloseHandle
GetTimeZoneInformation
Sleep
user32
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
SetDlgItemTextA
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
CreateWindowExA
GetSysColorBrush
CallNextHookEx
GetClassLongA
EndPaint
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
GetWindowDC
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
SendMessageA
PostQuitMessage
GetWindow
MessageBoxA
LoadStringA
EnableWindow
UnregisterClassA
HideCaret
GetMenuCheckMarkDimensions
ShowCaret
ExcludeUpdateRgn
wsprintfA
KillTimer
FindWindowA
FindWindowExA
IsWindow
PostMessageA
SetTimer
GetFocus
GetSystemMetrics
GetWindowRect
SetWindowPos
SetFocus
TranslateMessage
DispatchMessageA
PeekMessageA
LoadCursorA
GrayStringA
DrawTextA
SetWindowsHookExA
TabbedTextOutA
GetClassNameA
EnumWindows
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetWindowTextA
GetWindowThreadProcessId
GetDC
BeginPaint
ClientToScreen
PtInRect
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
DestroyMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
GetCursorPos
SetCursor
ShowOwnedPopups
LoadBitmapA
GetMenuState
ModifyMenuA
IntersectRect
ReleaseDC
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
SetPropA
IsDialogMessageA
gdi32
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
shell32
DragQueryFileA
DragFinish
comctl32
ord17
oledlg
ord8
ole32
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
olepro32
ord253
oleaut32
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen
ws2_32
WSAAccept
socket
htonl
bind
listen
WSASetEvent
gethostname
ntohs
getsockname
inet_ntoa
WSACleanup
WSAStartup
send
WSAEnumNetworkEvents
ioctlsocket
htons
inet_addr
gethostbyname
WSASocketA
setsockopt
WSAResetEvent
WSAConnect
WSAGetLastError
closesocket
shutdown
WSAWaitForMultipleEvents
recv
WSAEventSelect
WSACreateEvent
WSACloseEvent
select
psapi
GetModuleFileNameExA
Sections
.text Size: 292KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_BSS Size: 4KB - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ