2fa92125ab0603207fb466679eb9fa12

Sharing

Copy URL

Twitter E-mail

General

Target

2fa92125ab0603207fb466679eb9fa12
Size

3.6MB
MD5

2fa92125ab0603207fb466679eb9fa12
SHA1

9a05f218c4928873c7a531b1a711a6feadc5c99c
SHA256

81e2e6815990e1ea13431175d423732278a8d38fbc0acdfc5876ae203351e97c
SHA512

480aca700c3af0bc36f3916a47a765328723f22868adf30c0dc86195fef63b6ba9bc8f57ef94bc0b032621c598af71635b8f75820e9703d78014565b270cf861
SSDEEP

49152:z1moWz6wWybVoKaoaVGbczNTBRDsT3TkDGMfv0O9QyHtDsYLdhqkPy+hyvNU/O:z1mHQybVoKmVGbcLGMpdhqkPKeO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa92125ab0603207fb466679eb9fa12

Files

2fa92125ab0603207fb466679eb9fa12
.exe windows:5 windows x86 arch:x86

ab18a79f935ad881977807c7f1826d34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetFileAttributesW
GetWindowsDirectoryW
RaiseException
FindNextFileW
ReadFile
CreateThread
DuplicateHandle
ExpandEnvironmentStringsW
SetLastError
LocalAlloc
GetCommandLineW
SetErrorMode
HeapSize
GetProcessHeap
InterlockedExchange
HeapFree
RtlUnwind
HeapAlloc
UnhandledExceptionFilter
SetEnvironmentVariableW
IsDebuggerPresent
WriteConsoleW
GetSystemTimeAsFileTime
CreateDirectoryA
CreateDirectoryW
GetCommandLineA
GetStartupInfoA
HeapReAlloc
ExitThread
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetDriveTypeA
GetFullPathNameA
GetFullPathNameW
MoveFileW
MoveFileA
DeleteFileA
GetFileAttributesA
RemoveDirectoryW
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
VirtualAlloc
GetCurrentThread
GetModuleFileNameA
SetHandleCount
GetModuleHandleA
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
EnumSystemLocalesA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
GetCurrentDirectoryA
CreateFileA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
CompareStringA
GetFileAttributesExW
FormatMessageA
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
CreateEventA
CreateSemaphoreA
CreateIoCompletionPort
GetQueuedCompletionStatus
InterlockedExchangeAdd
PostQueuedCompletionStatus
InterlockedCompareExchange
QueueUserAPC
SleepEx
DeviceIoControl
SetFilePointerEx
ReadFileScatter
GetOverlappedResult
WriteFileGather
VirtualLock
VirtualUnlock
lstrcpyA
GetSystemTime
SetThreadAffinityMask
GetDiskFreeSpaceW
IsValidCodePage
GetCPInfo
GetEnvironmentVariableW
GetThreadLocale
GetTimeZoneInformation
GetTempFileNameW
FindFirstFileW
FindClose
SystemTimeToFileTime
OutputDebugStringW
GetStdHandle
GetTempPathW
GetCurrentProcessId
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
GetACP
ExitProcess
GetCurrentProcess
GetProcessAffinityMask
TlsSetValue
TlsGetValue
ResumeThread
TerminateThread
SetThreadPriority
VirtualQuery
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
CreateSemaphoreW
LoadLibraryW
GetSystemInfo
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
SetEvent
CreateEventW
WaitForSingleObject
SetCurrentDirectoryW
ReleaseMutex
OpenMutexW
CreateMutexW
TlsAlloc
TlsFree
DeleteFileW
CopyFileW
GetModuleHandleW
GetModuleFileNameW
CreateProcessW
FormatMessageW
LocalFree
GetCurrentDirectoryW
SetFileTime
GetVersionExW
GetProcAddress
LoadLibraryA
OpenProcess
TerminateProcess
FreeLibrary
GetFileSize
WriteFile
Sleep
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrlenA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
GetLastError
CreateFileW
GetFileSizeEx
GetFileTime
SetUnhandledExceptionFilter
CloseHandle

user32

DrawFocusRect
OffsetRect
GetMenuState
CheckMenuItem
CheckMenuRadioItem
ModifyMenuW
SetMenuItemInfoW
CreatePopupMenu
DestroyMenu
RemoveMenu
InsertMenuW
AppendMenuW
CreateMenu
GetSubMenu
InsertMenuItemW
MapWindowPoints
DestroyAcceleratorTable
CreateAcceleratorTableW
TranslateAcceleratorW
DestroyCursor
GetMessageW
ValidateRect
keybd_event
IsClipboardFormatAvailable
HideCaret
UnionRect
ChildWindowFromPoint
DefFrameProcW
TranslateMDISysAccel
DefMDIChildProcW
GetMenuStringW
GetMessagePos
DrawEdge
RegisterClipboardFormatW
ChangeDisplaySettingsW
EnumDisplaySettingsW
ShowCursor
DrawStateW
DrawStateA
KillTimer
SetTimer
DispatchMessageA
PeekMessageA
MessageBoxA
BeginPaint
GetWindowDC
EndPaint
GetDlgItem
CreateDialogParamW
CreateIconIndirect
LoadImageW
DestroyIcon
GetIconInfo
LoadBitmapW
InflateRect
GetUpdateRgn
GetSysColor
SetWindowsHookExW
IsDialogMessageW
TrackPopupMenu
IsWindow
PtInRect
GetCapture
UnhookWindowsHookEx
UnregisterHotKey
RegisterHotKey
CallNextHookEx
GetActiveWindow
GetMenuItemCount
GetMenuItemInfoW
SystemParametersInfoW
GetMessageTime
GetWindow
CopyRect
EndDeferWindowPos
InvalidateRect
SetWindowTextW
GetFocus
IsWindowEnabled
IsWindowVisible
CallWindowProcW
DeferWindowPos
ClientToScreen
ScreenToClient
UpdateWindow
RedrawWindow
SetParent
GetCursorPos
WindowFromPoint
GetParent
ScrollWindow
SetScrollInfo
GetScrollInfo
SetCursorPos
ReleaseCapture
SetCapture
ShowWindow
EnableWindow
SetFocus
SetWindowPos
SetWindowLongW
FillRect
GetKeyState
GetAsyncKeyState
VkKeyScanW
GetDC
ReleaseDC
DispatchMessageW
TranslateMessage
RegisterWindowMessageW
DdePostAdvise
DdeConnect
DdeNameService
DdeCreateStringHandleW
DdeClientTransaction
DdeDisconnect
DdeInitializeW
DdeGetLastError
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeUninitialize
DdeQueryStringW
DdeFreeStringHandle
DestroyWindow
SendMessageW
SetCursor
RegisterClassW
MessageBeep
PeekMessageW
MessageBoxW
PostThreadMessageW
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatA
DrawTextW
GetForegroundWindow
CreateDialogIndirectParamW
FlashWindow
GetSystemMenu
EnableMenuItem
DrawMenuBar
GetDesktopWindow
IsIconic
IsZoomed
BringWindowToTop
GetUpdateRect
DrawIcon
SetMenu
UnregisterClassW
GetWindowTextLengthW
GetWindowTextW
GetClassNameW
DrawIconEx
CreateWindowExW
MoveWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
PostQuitMessage
PostMessageW
GetSystemMetrics
LoadIconW
SetForegroundWindow
SetWindowRgn
GetWindowLongW
GetClientRect
AdjustWindowRectEx
GetClipboardData
BeginDeferWindowPos
DrawFrameControl
GetWindowRect

gdi32

PolyBezier
Polyline
SetPixel
GetPixel
ExtFloodFill
ExtSelectClipRgn
GetClipBox
OffsetRgn
ExtCreateRegion
GetRegionData
TextOutW
SetTextColor
SetStretchBltMode
CreatePalette
GetNearestPaletteIndex
CreatePatternBrush
CreateSolidBrush
CreateHatchBrush
GetStockObject
CreatePen
SetROP2
GetCharABCWidthsW
GetTextExtentExPointW
SetWindowOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
ExtCreatePen
SaveDC
RestoreDC
SetBkMode
GetDeviceCaps
CreateFontIndirectW
SetBkColor
CreateBitmap
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateCompatibleDC
GetPaletteEntries
DeleteObject
GetObjectW
ExcludeClipRect
CreateRectRgn
GetTextExtentPoint32W
SelectPalette
RealizePalette
GdiFlush
GetTextMetricsW
SetMapMode
GetBkColor
GetTextColor
SelectClipRgn
Arc
Pie
Polygon
SetPolyFillMode
PolyPolygon
Rectangle
RoundRect
Ellipse
SetBrushOrgEx
MaskBlt
StretchBlt
StretchDIBits
LineTo
MoveToEx
GetRgnBox
EqualRgn
PtInRegion
RectInRegion
CombineRgn
CreateRectRgnIndirect
SetTextAlign
CreateDIBSection
GetDIBits
CreateDIBitmap
GetDIBColorTable
PatBlt
CreateICW
GetSystemPaletteEntries
EnumFontFamiliesExW
SetAbortProc
EndDoc
StartPage
EndPage
StartDocW
CreateDCW
GetEnhMetaFileW
CopyEnhMetaFileW
DeleteEnhMetaFile
SelectObject

shell32

DragAcceptFiles
DragFinish
Shell_NotifyIconW
ShellExecuteExW
SHGetSpecialFolderLocation
DragQueryPoint
DragQueryFileW
ExtractIconW
ExtractIconExW
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListW
SHGetMalloc

ole32

OleGetClipboard
ReleaseStgMedium
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance
OleInitialize
OleUninitialize
OleCreate
OleSetContainedObject

oleaut32

SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetOpenW
InternetQueryDataAvailable
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW

ws2_32

WSACleanup
WSAIoctl
socket
__WSAFDIsSet
select
inet_addr
accept
WSAStartup
ntohl
htonl
WSASetLastError
WSAAddressToStringA
WSAGetLastError
WSAStringToAddressA
htons
ntohs
setsockopt
WSASocketW
closesocket
bind
listen
getsockname
WSASend
getservbyname
gethostbyname
getsockopt
getpeername
WSASendTo
WSARecvFrom
ioctlsocket
connect
WSARecv

comctl32

ord16
CreateStatusWindowW
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Add
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
ImageList_SetDragCursorImage
ImageList_BeginDrag
ord17

comdlg32

GetSaveFileNameW
ChooseFontW
GetOpenFileNameW
PrintDlgW
PageSetupDlgW
CommDlgExtendedError
ChooseColorW

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenThreadToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken

mswsock

GetAcceptExSockaddrs
AcceptEx

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab18a79f935ad881977807c7f1826d34

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

wininet

ws2_32

comctl32

comdlg32

advapi32

mswsock

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 552KB - Virtual size: 551KB

.data Size: 83KB - Virtual size: 244KB

.SHARED Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 110KB - Virtual size: 109KB

.reloc Size: 232KB - Virtual size: 232KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 552KB - Virtual size: 551KB

.data
Size: 83KB - Virtual size: 244KB

.SHARED
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 110KB - Virtual size: 109KB

.reloc
Size: 232KB - Virtual size: 232KB