2b931d2a7faa8b6a7c795b2b3af9517ad23b375c92b7025c16bdd4ed28bcc7bb

Sharing

Copy URL Twitter E-mail

General

Target

2b931d2a7faa8b6a7c795b2b3af9517ad23b375c92b7025c16bdd4ed28bcc7bb
Size

3.6MB
MD5

1b78a4c23f8c86a4f39fd028a92a0226
SHA1

43b623f75df595a11e0e7f58cb82b2ce686b3748
SHA256

2b931d2a7faa8b6a7c795b2b3af9517ad23b375c92b7025c16bdd4ed28bcc7bb
SHA512

d2bed8679d46fe0311b684823156b457eab3c40fa6a1a877552c91e3ccba44d1a0e16a6b4cd6dc97fc4f48abb5e96d69db5c1e5e63781d332d7006ca0536c904
SSDEEP

49152:BNZLD2ySdAtE4sXzE12llWZwjmnlCAo9FITBBx8WdC8Y1uAxH30B4wJB6K3:BLDpEPhlWwWlRo9FcB+gC8YB0B4qF3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b931d2a7faa8b6a7c795b2b3af9517ad23b375c92b7025c16bdd4ed28bcc7bb

Files

2b931d2a7faa8b6a7c795b2b3af9517ad23b375c92b7025c16bdd4ed28bcc7bb
.exe windows:5 windows x86

834d6a5da3c7a089cd6ac74a0776d916

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

VariantCopyInd

advapi32

RegQueryValueExW

user32

DdeFreeStringHandle

kernel32

GetVersion
GetVersionExW
GetVersion
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

msimg32

AlphaBlend

gdi32

PolyBezierTo

version

GetFileVersionInfoSizeW

mpr

WNetGetConnectionW

ole32

CoUninitialize

comctl32

ImageList_Add

urlmon

URLDownloadToFileW

wininet

InternetCloseHandle

shell32

ShellExecuteW

comdlg32

PrintDlgW

winspool.drv

ClosePrinter

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 23KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 72B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 886KB - Virtual size: 885KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

834d6a5da3c7a089cd6ac74a0776d916

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

mpr

ole32

comctl32

urlmon

wininet

shell32

comdlg32

winspool.drv

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.itext Size: 11KB - Virtual size: 10KB

.data Size: 56KB - Virtual size: 56KB

.bss Size: - Virtual size: 23KB

.idata Size: 17KB - Virtual size: 16KB

.didata Size: 1024B - Virtual size: 934B

.tls Size: - Virtual size: 72B

.rdata Size: 512B - Virtual size: 24B

.vmp0 Size: 886KB - Virtual size: 885KB

.vmp1 Size: 180KB - Virtual size: 179KB

.reloc Size: 203KB - Virtual size: 203KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.itext
Size: 11KB - Virtual size: 10KB

.data
Size: 56KB - Virtual size: 56KB

.bss
Size: - Virtual size: 23KB

.idata
Size: 17KB - Virtual size: 16KB

.didata
Size: 1024B - Virtual size: 934B

.tls
Size: - Virtual size: 72B

.rdata
Size: 512B - Virtual size: 24B

.vmp0
Size: 886KB - Virtual size: 885KB

.vmp1
Size: 180KB - Virtual size: 179KB

.reloc
Size: 203KB - Virtual size: 203KB

.rsrc
Size: 32KB - Virtual size: 31KB