2cd2fe4ec530641ef174e298dbb1e1d110398fd51dd97e93b8cb134769ec95a2

Sharing

Copy URL

Twitter E-mail

General

Target

2cd2fe4ec530641ef174e298dbb1e1d110398fd51dd97e93b8cb134769ec95a2
Size

5.5MB
MD5

ec1f365a0ef45943a8d0d238d59fd606
SHA1

6a880980e69b270875daf5fbd52749b58a205646
SHA256

2cd2fe4ec530641ef174e298dbb1e1d110398fd51dd97e93b8cb134769ec95a2
SHA512

2556b1729300302197ffaf5ec830fa3bfa7b743a7069a307042abdd4ed61ba01ebd9d0ffac0e5f028a0ff8e8a712f6d5d515abca7ddc7d5eeba5cb81370d04df
SSDEEP

98304:OXXNDgBTHzdxF7L31xp439fgy18bFspfH:GXNKzdxF7LlnW9fYG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cd2fe4ec530641ef174e298dbb1e1d110398fd51dd97e93b8cb134769ec95a2

Files

2cd2fe4ec530641ef174e298dbb1e1d110398fd51dd97e93b8cb134769ec95a2
.exe windows x86

437a2721a26e2a837928b5c6d8ffb49c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

shlwapi

PathFindFileNameW
ord12
StrToIntA
PathAppendW
StrDupW

msimg32

AlphaBlend

comctl32

_TrackMouseEvent
InitCommonControlsEx

imm32

ImmDisableIME
ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetTempFileNameW
RemoveDirectoryW
GetPrivateProfileStringW
SetLastError
InterlockedExchangeAdd
InterlockedExchange
WriteFile
FindFirstFileW
FindNextFileW
FindClose
UnmapViewOfFile
DuplicateHandle
SystemTimeToFileTime
WideCharToMultiByte
GetFileType
GetSystemTime
CreateFileMappingW
MapViewOfFile
CreateDirectoryW
SetFileTime
MultiByteToWideChar
GetCurrentDirectoryW
DosDateTimeToFileTime
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
InterlockedCompareExchange
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
GetFullPathNameA
UnlockFileEx
GetTempPathW
CreateMutexW
GetEnvironmentVariableA
GetVersionExW
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
QueryPerformanceCounter
FlushFileBuffers
ExitProcess
GetFileTime
GetDriveTypeW
GetACP
ResumeThread
GetLongPathNameW
ReleaseMutex
QueryDosDeviceW
lstrcatW
lstrcpyW
lstrcmpiW
LoadLibraryExW
GetEnvironmentVariableW
GetVolumeInformationW
GetLogicalDriveStringsW
GetWindowsDirectoryW
MoveFileW
GetFileSizeEx
LCMapStringW
WritePrivateProfileStringW
GetTickCount
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
ExpandEnvironmentStringsW
SetStdHandle
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeZoneInformation
GetStdHandle
PeekNamedPipe
FindFirstFileExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
SuspendThread
Thread32First
Thread32Next
LoadLibraryExA
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
FlushInstructionCache
GetModuleHandleExW
VirtualProtect
CreateThread
DisableThreadLibraryCalls
GetModuleHandleA
FreeResource
MapViewOfFileEx
CreateWaitableTimerW
SetWaitableTimer
lstrcmpW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
GetCPInfo
GetLocaleInfoW
CompareStringW
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
QueryPerformanceFrequency
GetStringTypeW
DeviceIoControl
LocalFree
LocalAlloc
GetLocalTime
FileTimeToSystemTime
OpenEventW
GetStartupInfoW
GlobalMemoryStatusEx
ResetEvent
SetEvent
CreateEventW
VirtualQuery
OpenMutexW
OpenFileMappingW
OpenProcess
SetEndOfFile
SetFilePointer
GetFileAttributesW
MulDiv
GetExitCodeProcess
FreeLibrary
CreateProcessW
GetProcAddress
GetCurrentProcess
LoadLibraryW
GetFileSize
FindResourceW
LoadResource
CloseHandle
LockResource
CreateFileW
SizeofResource
ReadFile
CopyFileW
MoveFileExW
DeleteFileW
SetFileAttributesW
GetCurrentProcessId
GetModuleHandleW
SetErrorMode
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
GlobalLock
GetOEMCP
lstrlenW
WaitForMultipleObjects
GetLastError
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
RaiseException
DecodePointer
DeleteCriticalSection
WaitForSingleObject
Sleep
GlobalAlloc
GlobalFree
IsValidCodePage
SystemTimeToTzSpecificLocalTime

user32

GetSysColor
GetIconInfo
LoadBitmapW
MsgWaitForMultipleObjects
FillRect
UpdateLayeredWindow
SetCaretPos
SetRectEmpty
GetCaretBlinkTime
ToAscii
DialogBoxParamW
CharNextW
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
GetClassLongW
AdjustWindowRectEx
ShowWindowAsync
SetWindowRgn
InvalidateRgn
IsChild
GetPropW
ValidateRect
RegisterWindowMessageW
MoveWindow
SetFocus
SetParent
BeginPaint
EndPaint
TrackMouseEvent
SetCapture
ReleaseCapture
GetWindowDC
RedrawWindow
EnumThreadWindows
RegisterClassExW
CreateWindowExW
GetDCEx
InvalidateRect
GetAncestor
GetClassInfoExW
EqualRect
IsZoomed
SetCursor
CreateAcceleratorTableW
DestroyAcceleratorTable
GetFocus
SetPropW
RemovePropW
EnumChildWindows
UnionRect
SetRect
GetWindowTextLengthW
MonitorFromPoint
GetWindow
MonitorFromWindow
SetWindowTextW
GetMonitorInfoW
MapWindowPoints
GetClassNameW
GetDlgItem
EnableWindow
GetWindowTextW
LoadStringW
FindWindowExW
MessageBoxW
GetSystemMetrics
WindowFromPoint
IsWindow
SystemParametersInfoW
GetParent
DrawIconEx
GetDC
ReleaseDC
RegisterClipboardFormatW
GetKeyState
GetKeyboardState
EmptyClipboard
SetClipboardData
SendInput
DrawTextW
LoadImageW
GetDesktopWindow
DestroyWindow
AttachThreadInput
LoadIconW
EndDialog
GetClientRect
CopyRect
GetAsyncKeyState
LoadCursorW
GetWindowThreadProcessId
GetWindowRect
IsWindowVisible
keybd_event
ScreenToClient
GetActiveWindow
ClientToScreen
GetForegroundWindow
KillTimer
PtInRect
SetForegroundWindow
IsIconic
GetCursorPos
GetWindowLongW
DefWindowProcW
CallWindowProcW
SetWindowPos
SetClipboardViewer
ShowWindow
OpenClipboard
SetTimer
ChangeClipboardChain
CloseClipboard
GetClipboardData
SetWindowLongW
IsClipboardFormatAvailable
SendMessageW
UnregisterClassW
FindWindowW
PostMessageW
OffsetRect
IntersectRect
IsRectEmpty

gdi32

CreatePolygonRgn
CreateRectRgnIndirect
GetRgnBox
CreateSolidBrush
EnumFontsW
GetClipBox
GetDIBits
CreateDCW
CreateRoundRectRgn
PtInRegion
GetTextMetricsW
SetViewportOrgEx
EnumFontFamiliesW
GetStockObject
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleBitmap
ExtTextOutW
BitBlt
SelectObject
CreateDIBSection
SetGraphicsMode
GetBitmapBits
SetTextColor
SetBkMode
GetObjectW
SetBkColor
DeleteObject
SetWorldTransform
CreateCompatibleDC
DeleteDC

comdlg32

GetOpenFileNameW

advapi32

GetAclInformation
GetAce
GetSecurityDescriptorDacl
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
SystemFunction036
EqualSid
RegQueryInfoKeyW
LookupAccountNameW
GetFileSecurityW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetEntriesInAclW

shell32

SHGetFolderPathW
DragFinish
DragQueryFileW
SHGetSpecialFolderPathW

ole32

CoTaskMemRealloc
CoGetClassObject
OleUninitialize
StringFromGUID2
CLSIDFromProgID
OleInitialize
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

DispCallFunc
SysStringLen
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
LoadRegTypeLi
OleCreateFontIndirect
VariantInit
VarUI4FromStr
LoadTypeLi

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipSetLineTransform
GdipGetBrushType
GdipCombineRegionRegion
GdipAddPathRectangleI
GdipAddPathArcI
GdipAddPathEllipseI
GdipCombineRegionPath
GdipAddPathBezierI
GdipAddPathLineI
GdipCreateRegionPath
GdipGetInterpolationMode
GdipGetLineTransform
GdipSetImageAttributesColorMatrix
GdipSetCompositingQuality
GdipGetFamily
GdipGetTextRenderingHint
GdipAddPathString
GdipGetStringFormatLineAlign
GdipGetEmHeight
GdipSaveGraphics
GdipCreateLineBrushI
GdipSetLineWrapMode
GdipGetLineSpacing
GdipCreateMatrix2
GdipDisposeImageAttributes
GdipDeletePath
GdipGetStringFormatAlign
GdipCreateMatrix
GdipSetSmoothingMode
GdipEndContainer
GdipCreatePath
GdipSetStringFormatLineAlign
GdipSetLinePresetBlend
GdipGetCellDescent
GdipCloneBitmapArea
GdipGetFontStyle
GdipSetStringFormatTrimming
GdipTransformRegion
GdipFillPath
GdipGetPathWorldBounds
GdipMultiplyWorldTransform
GdipGraphicsClear
GdipSetPenDashStyle
GdipDrawLine
GdipDrawRectangle
GdipScaleWorldTransform
GdipSetClipRectI
GdipClosePathFigure
GdipGetSmoothingMode
GdipDrawArcI
GdipCreateImageAttributes
GdipSetClipRegion
GdipDrawPath
GdipDrawString
GdipSetImageAttributesWrapMode
GdipGetClipBoundsI
GdipFillEllipse
GdipBeginContainer2
GdipCreateTexture
GdipGetTextureTransform
GdipGetMatrixElements
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipGetCellAscent
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipDeleteRegion
ord1
GdipDeleteStringFormat
GdipGetFontSize
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipCloneBitmapAreaI
GdiplusStartup
GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdipReleaseDC
GdipGetDC
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFont
GdipCreateFromHDC
GdipMeasureString
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipDrawImageRectRect
GdipBitmapUnlockBits
GdipDeleteBrush
GdipGetPropertyItem
GdipSetInterpolationMode
GdipCreateSolidFill
GdipGetImagePixelFormat
GdipSetPixelOffsetMode
GdipImageSelectActiveFrame
GdipBitmapLockBits
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetImageGraphicsContext
GdipFillRectangleI
GdipDeleteGraphics
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipGetPropertyItemSize
GdipCloneImage
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipFree
GdipSetTextureTransform
GdipCloneBrush
GdipSetCompositingMode

iphlpapi

GetAdaptersAddresses

winmm

timeGetTime

psapi

GetMappedFileNameW

Exports

Exports

sqlite3_carray_init
sqlite3_csv_init
sqlite3_fileio_init
sqlite3_series_init
sqlite3_shathree_init
sqlite3_uuid_init

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 856KB - Virtual size: 855KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 594KB - Virtual size: 593KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

437a2721a26e2a837928b5c6d8ffb49c

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

shlwapi

msimg32

comctl32

imm32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

urlmon

gdiplus

iphlpapi

winmm

psapi

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 856KB - Virtual size: 855KB

.data Size: 129KB - Virtual size: 180KB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 594KB - Virtual size: 593KB

.reloc Size: 211KB - Virtual size: 211KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 856KB - Virtual size: 855KB

.data
Size: 129KB - Virtual size: 180KB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 594KB - Virtual size: 593KB

.reloc
Size: 211KB - Virtual size: 211KB