2b6921e2b1ff90ed313b221a156f2e259694cbd3d4f4f5c77338e9d84cb6cbc1

Sharing

Copy URL

Twitter E-mail

General

Target

2b6921e2b1ff90ed313b221a156f2e259694cbd3d4f4f5c77338e9d84cb6cbc1
Size

2.0MB
MD5

27ddd5602862e9b1483bf928cd618abc
SHA1

6f0b7d5971f3e4bb707a08cc3d8b13f9126694c9
SHA256

2b6921e2b1ff90ed313b221a156f2e259694cbd3d4f4f5c77338e9d84cb6cbc1
SHA512

f83ddd05ce0830d8f4c7607d455335ff7538375c71abbf2b3337c7bf16d412747a170047cf1a77b06f5dcd769498c1f3446c87d28968e7dc50431cfd3aba34bd
SSDEEP

24576:LwE8WQrujuTOmt14DClBuaCE+iWDBo2R7F3owVMqbCZ1be2/iJQeHNYB31GlXYHK:LLPbLQOYBVGyx90yCk1zOutfTTuLJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b6921e2b1ff90ed313b221a156f2e259694cbd3d4f4f5c77338e9d84cb6cbc1

Files

2b6921e2b1ff90ed313b221a156f2e259694cbd3d4f4f5c77338e9d84cb6cbc1
.exe windows x86

2bf9c2d6028b4934bbaeb6cbc3df0a3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CreateDirectoryA
MultiByteToWideChar
GlobalMemoryStatus
GetLocalTime
FindNextFileA
GetVersionExA
GetTempFileNameA
SetThreadIdealProcessor
GetExitCodeProcess
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemInfo
CreateEventA
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
ResumeThread
CreateThread
TlsSetValue
ExitThread
SetFilePointer
ReadFile
GetFileType
CreateFileA
GetTimeZoneInformation
GetSystemTime
GetCurrentThreadId
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
RtlUnwind
GetCPInfo
DeleteFileA
GetOEMCP
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
SetStdHandle
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
WriteFile
HeapSize
SetEndOfFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
FlushFileBuffers
RaiseException
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
CreateFileW
GetFileSize
OutputDebugStringA
lstrcmpiA
GetFullPathNameA
InterlockedCompareExchange
InterlockedExchange
GlobalLock
GetFileAttributesA
GlobalUnlock
RemoveDirectoryA
ResetEvent
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
GetSystemDirectoryA
FindFirstFileA
FindClose
GlobalFree
lstrcpyA
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
FindResourceA
GetLastError
SizeofResource
LoadResource
LockResource
FreeResource
GetModuleFileNameA
WaitForSingleObject
SetEvent
SetCurrentDirectoryA
GetStartupInfoA
CreateProcessA
CreateMutexA
CloseHandle
Sleep
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
GetACP

user32

CreateIconIndirect
OpenIcon
RegisterClassExA
SetWindowRgn
GetClassNameA
SendMessageTimeoutA
IsWindowVisible
SetWindowPlacement
EnableWindow
MoveWindow
SetRect
AdjustWindowRectEx
DestroyIcon
DefWindowProcA
GetWindowPlacement
SetFocus
EnumDisplaySettingsA
ChangeDisplaySettingsA
SetWindowPos
DrawMenuBar
CreateMenu
EnumWindows
DialogBoxParamA
GetSystemMetrics
SetCursorPos
SetMenu
ShowCursor
DestroyMenu
DestroyWindow
LoadIconA
GetWindowRect
LoadCursorA
SetClassLongA
ClientToScreen
SetCursor
GetWindowTextA
DeleteMenu
PostQuitMessage
GetSystemMenu
CreateWindowExA
RegisterClassA
MessageBoxA
SetWindowLongA
GetWindowLongA
RedrawWindow
GetDC
ReleaseDC
GetMessageA
TranslateMessage
GetDlgItem
SetWindowTextA
ChangeDisplaySettingsExA
EndDialog
DispatchMessageA
PeekMessageA
SendMessageA
ShowWindow
IsIconic
SetForegroundWindow
FindWindowA
GetKeyboardState
SetKeyboardState
GetCursorPos
ScreenToClient
PostMessageA
GetSubMenu
TrackPopupMenu
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetClientRect
SystemParametersInfoA
UpdateWindow
InsertMenuItemA

gdi32

SelectObject
CreateCompatibleDC
GetObjectA
SetBkMode
TextOutA
CreateFontIndirectA
CreateDIBSection
CreateBitmap
ExtCreateRegion
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
SetStretchBltMode
StretchDIBits
SetTextColor
EnumFontFamiliesExA

shell32

DragQueryFileA
DragAcceptFiles
Shell_NotifyIconA
FindExecutableA
ShellExecuteExA
SHGetSpecialFolderPathA
DragFinish

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

comctl32

ord17

ole32

CoUninitialize
CoCreateInstance
CoInitialize

winmm

timeGetTime
joyGetPosEx
mciSendStringA
waveInGetDevCapsA
mmioStringToFOURCCA
mmioOpenA
waveInGetNumDevs
waveOutGetDevCapsA
timeGetDevCaps
timeBeginPeriod
joyGetNumDevs
timeEndPeriod
mmioClose
waveOutGetNumDevs
mciSendCommandA
mmioAscend
mmioDescend
mmioRead

msacm32

acmStreamSize
acmFormatSuggest
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmStreamOpen

imm32

ImmAssociateContext

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

d3d9

Direct3DCreate9

dsound

ord1

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bf9c2d6028b4934bbaeb6cbc3df0a3a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

winmm

msacm32

imm32

version

d3d9

dsound

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 153KB - Virtual size: 153KB

.data Size: 117KB - Virtual size: 2.3MB

_RDATA Size: 22KB - Virtual size: 22KB

.data1 Size: 512B - Virtual size: 208B

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 282KB - Virtual size: 281KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 153KB - Virtual size: 153KB

.data
Size: 117KB - Virtual size: 2.3MB

_RDATA
Size: 22KB - Virtual size: 22KB

.data1
Size: 512B - Virtual size: 208B

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 282KB - Virtual size: 281KB