Static task: static1
Behavioral task: behavioral1
  Sample: 2b94c9a331ecb7aab44f2792bd04a596e4efc9adb650ce79a190a81cfb230b0c.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: 2b94c9a331ecb7aab44f2792bd04a596e4efc9adb650ce79a190a81cfb230b0c.exe
  Resource: win10v2004-20231023-en
General
Target: 2b94c9a331ecb7aab44f2792bd04a596e4efc9adb650ce79a190a81cfb230b0c
Size: 3.1MB
MD5: bad32d428b07bcf016151e5da5a5e04d
SHA1: bb2647da4141aea24fe4c0f720683d5684726cb2
SHA256: 2b94c9a331ecb7aab44f2792bd04a596e4efc9adb650ce79a190a81cfb230b0c
SHA512: 65a4b95df28c1718b3fe196758e7f32a3ecea5001898fa072bfa055098e8844841ab357a519f8cf92f6f28ad9774d1f8b45becc911c6b7220f76de4767e741cd
SSDEEP: 49152:BZAf5ZUWEH1dnpOHJQMJ84Kw7JEBx1PWn7:hXvOhKlB
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2b94c9a331ecb7aab44f2792bd04a596e4efc9adb650ce79a190a81cfb230b0c
Files
2b94c9a331ecb7aab44f2792bd04a596e4efc9adb650ce79a190a81cfb230b0c.exe  windows:4 windows x86 arch:x86
c34a04a51c2b95caaa676cadc865cdf5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
gethostname
gethostbyname
socket
htonl
htons
recvfrom
WSAStartup
sendto
WSAAsyncSelect
setsockopt
bind
kernel32
IsBadWritePtr
Sleep
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
InterlockedExchange
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
HeapSize
TerminateProcess
ExitThread
CreateThread
GetSystemTimeAsFileTime
RaiseException
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
SizeofResource
GlobalFlags
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
MulDiv
SetLastError
lstrcpynA
lstrlenA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
FindResourceA
LoadResource
FormatMessageA
LocalFree
GetProfileStringA
GetVersion
GetPrivateProfileStringA
FatalAppExitA
GetFullPathNameA
GetModuleFileNameA
GetACP
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFree
lstrcpyA
Beep
LoadLibraryA
GetProcAddress
GetLocalTime
MoveFileExA
CopyFileA
GetLastError
DeleteFileA
WritePrivateProfileStringA
MultiByteToWideChar
GetFileAttributesA
WideCharToMultiByte
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExA
SetUnhandledExceptionFilter
user32
MapDialogRect
CharUpperA
GetClassNameA
GetSysColorBrush
GetDCEx
LockWindowUpdate
InvertRect
InsertMenuA
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
IsZoomed
FindWindowA
GetMessageA
TranslateMessage
ValidateRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
UnpackDDElParam
ReuseDDElParam
SetMenu
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
BringWindowToTop
SetCursorPos
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
GetTopWindow
IsChild
WinHelpA
wsprintfA
GetClassInfoA
TrackPopupMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetWindowContextHelpId
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
TrackPopupMenuEx
DestroyMenu
RegisterClassA
CreateWindowExA
DefWindowProcA
LoadImageW
GetDesktopWindow
KillTimer
GetScrollPos
SetScrollPos
GetDlgItem
LoadAcceleratorsA
ShowScrollBar
SetScrollRange
ClipCursor
RedrawWindow
GetFocus
IsIconic
DrawIcon
LoadIconA
GetSystemMetrics
SetRect
ScreenToClient
GetCursorPos
EnableMenuItem
PtInRect
IntersectRect
EqualRect
SetTimer
MessageBoxA
GetWindowLongA
FrameRect
InflateRect
DrawStateA
DrawFocusRect
GetActiveWindow
GetCapture
ClientToScreen
WindowFromPoint
GetIconInfo
LoadImageA
DestroyIcon
DestroyCursor
GetMenuItemID
GetMenuItemCount
GetMenuStringA
GetWindow
LoadMenuA
GetSubMenu
ReleaseCapture
SetCapture
CopyRect
CreateCaret
SetCaretPos
ShowCaret
GetCursor
LoadCursorA
LoadBitmapA
OffsetRect
SetRectEmpty
ShowOwnedPopups
PostQuitMessage
LoadStringA
GetSystemMenu
DeleteMenu
AppendMenuA
SetPropA
SetParent
IsRectEmpty
SetCursor
PostMessageA
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
RegisterClipboardFormatA
SetClipboardData
GetDC
ReleaseDC
CloseClipboard
GetSysColor
FillRect
InvalidateRect
GetMenu
DrawMenuBar
GetWindowRect
UpdateWindow
GetParent
SendMessageA
EnableWindow
GetClientRect
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
HideCaret
CreateIconFromResource
LookupIconIdFromDirectory
LoadMenuIndirectA
CreateAcceleratorTableA
UnregisterClassA
GetWindowTextA
gdi32
FillPath
StrokePath
SetPolyFillMode
SetMiterLimit
ExtCreatePen
CloseFigure
SelectClipPath
IntersectClipRect
WidenPath
GetPixel
ExtEscape
SaveDC
RestoreDC
GetCharWidthA
GetOutlineTextMetricsA
GetFontData
GetTextFaceA
CreateFontA
GetRegionData
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
SetTextAlign
GetClipBox
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
SetRectRgn
CombineRgn
LPtoDP
GetTextMetricsA
GetTextColor
PolyBezierTo
CreatePolygonRgn
FillRgn
MoveToEx
LineTo
Ellipse
RoundRect
Rectangle
SetDIBitsToDevice
DPtoLP
GetDeviceCaps
StartDocA
StartPage
EndPage
EndDoc
StretchDIBits
SetStretchBltMode
GetObjectType
CreateBitmap
CreateDIBSection
CreateDCA
GetDIBits
GetRgnBox
GetClipRgn
DeleteDC
CreateDIBitmap
SetROP2
BitBlt
DeleteObject
CreateFontIndirectA
GetBkColor
CreateSolidBrush
SelectObject
GetTextExtentPoint32A
CreateRectRgn
SelectClipRgn
EnumFontFamiliesExA
GetTextExtentPointA
RectVisible
GetStockObject
CreateCompatibleBitmap
PathToRegion
StrokeAndFillPath
BeginPath
EndPath
PtInRegion
CreatePen
Arc
GetObjectA
CreateCompatibleDC
comdlg32
GetOpenFileNameA
CommDlgExtendedError
GetFileTitleA
ChooseColorA
PrintDlgA
GetSaveFileNameA
winspool.drv
EnumPrintersA
OpenPrinterA
ClosePrinter
GetPrinterA
DocumentPropertiesA
advapi32
RegCreateKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueA
RegCloseKey
GetFileSecurityA
SetFileSecurityA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteExA
ShellExecuteA
ExtractIconA
comctl32
_TrackMouseEvent
ord17
ImageList_Destroy
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
olepro32
ord253
oleaut32
SysAllocStringByteLen
SysStringLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
Sections
.text   Size: 1.9MB  Virtual size: 1.9MB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 360KB  Virtual size: 356KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 320KB  Virtual size: 417KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.idata  Size: 16KB   Virtual size: 12KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 428KB  Virtual size: 428KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 92KB   Virtual size: 132KB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE

Note on the table: a virtual size larger than the raw size on .data (417KB vs 320KB) is ordinary uninitialized (.bss) data and needs no attention. The .reloc entry is different. A linker emits the relocation section as IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ; here it is tagged as code, executable and writable, and 40KB of its virtual range (132KB vs 92KB) is not backed by file data. That layout is characteristic of a packer or protector stub that unpacks into, or runs from, that section, so the static import table above should not be read as a complete description of runtime behaviour. Before relying on it, check whether the entry point RVA falls inside .reloc and compare the section's entropy with that of .text.
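The Unsigned PE signature and the section table can both be reproduced from the file headers without a sandbox. The block below is an added example, not part of the report or its tooling: a standard-library PE32 parser that reads the certificate data directory (absent here, which is what "Unsigned PE" means) and the section characteristics, and flags the combination the table above shows for .reloc. build_pe32 and SAMPLE_IMAGE are constructed test data that mirror the .text and .reloc entries; run the script with a path to analyse a real file.

```python
"""PE header and section checker, added as an example; not part of the sandbox
report or its tooling.  With the standard library only it reproduces two things
the report reflects, the Unsigned PE check (certificate table present or not)
and the section-characteristics table, and flags section layouts a linker never
emits.  build_pe32() constructs a minimal PE32 image so the checks run offline."""
import hashlib
import struct
import sys

SCN_CNT_CODE = 0x00000020              # IMAGE_SCN_* flags from winnt.h
SCN_CNT_INITIALIZED_DATA = 0x00000040
SCN_MEM_DISCARDABLE = 0x02000000
SCN_MEM_EXECUTE = 0x20000000
SCN_MEM_READ = 0x40000000
SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4     # Authenticode certificate table
SECTION_HDR = "<8sIIIIIIHHI"           # IMAGE_SECTION_HEADER, 40 bytes


def file_hashes(data: bytes) -> dict:
    """The digests listed under General in the report."""
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256", "sha512")}


def parse_pe(data: bytes) -> dict:
    """Parse e_lfanew, the COFF header, a PE32 optional header and the section
    table (PE32 only, matching the report's 'windows x86 arch:x86' entry)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 optional headers are handled here")
    # PE32: NumberOfRvaAndSizes at +92, the data directories start at +96
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, cert_size = struct.unpack_from("<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        name, vsize, vaddr, rsize, rptr, _, _, _, _, flags = struct.unpack_from(
            SECTION_HDR, data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "vsize": vsize, "vaddr": vaddr, "rsize": rsize, "rptr": rptr, "flags": flags})
    return {"machine": machine, "characteristics": chars, "signed": cert_size > 0, "sections": sections}


def section_findings(pe: dict) -> list:
    """Flag what the report's table shows for .reloc: a relocation section that
    is code, executable and writable, with virtual size above its file-backed
    size.  A linker emits .reloc as INITIALIZED_DATA | DISCARDABLE | READ."""
    findings = []
    for s in pe["sections"]:
        f = s["flags"]
        if f & SCN_MEM_WRITE and f & SCN_MEM_EXECUTE:
            findings.append(f"{s['name']}: writable and executable (RWX)")
        if s["name"] == ".reloc" and f & (SCN_CNT_CODE | SCN_MEM_EXECUTE):
            findings.append(".reloc carries code/execute flags; expected INITIALIZED_DATA|DISCARDABLE|READ")
        if f & SCN_MEM_EXECUTE and s["vsize"] > s["rsize"]:
            findings.append(f"{s['name']}: {s['vsize'] - s['rsize']} executable bytes not backed by file data")
    if not pe["signed"]:
        findings.append("no certificate table: unsigned PE (no Authenticode signature)")
    return findings


def build_pe32(sections, signed=False) -> bytes:
    """Constructed PE32 image (test data, not the reported sample): DOS header,
    PE signature, COFF header, 224-byte optional header with 16 data
    directories, then one header per (name, virtual_size, raw_size, flags)."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x010E)
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x1000, 0x800)          # any non-zero size
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    hdrs = b"".join(struct.pack(SECTION_HDR, name.encode().ljust(8, b"\0"), vsize,
                                0x1000 * (i + 1), rsize, 0x400, 0, 0, 0, 0, flags)
                    for i, (name, vsize, rsize, flags) in enumerate(sections))
    return dos + b"PE\0\0" + coff + opt + hdrs


# Constructed stand-in that mirrors the report's .text and .reloc entries
SAMPLE_IMAGE = build_pe32([
    (".text", 0x1E6000, 0x1E6000, SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ),
    (".reloc", 0x21000, 0x17000, SCN_CNT_CODE | SCN_CNT_INITIALIZED_DATA
     | SCN_MEM_EXECUTE | SCN_MEM_READ | SCN_MEM_WRITE)])

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_IMAGE
    print(file_hashes(data))
    for line in section_findings(parse_pe(data)):
        print("-", line)
```

The signature check only tests for a certificate table; a present table can still hold an invalid or revoked certificate, so a positive result should be followed by a full chain validation on a Windows host. The section rules are deliberately narrow (RWX, code flags on .reloc, executable bytes with no file backing) so that ordinary .bss growth in .data does not trigger them.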