2dd27b84f4c20711b95e2651cd5e2c39

Sharing

Copy URL

Twitter E-mail

General

Target

2dd27b84f4c20711b95e2651cd5e2c39
Size

680KB
MD5

2dd27b84f4c20711b95e2651cd5e2c39
SHA1

010b7e65205905633712dc0fcfb9d5073eb5db66
SHA256

07e151d220e1a284e28735b6abadf3037e948469830e1adca2bbb865b1567acd
SHA512

c8152e39fcebb407059b99ede3675a54e951dcc88298bd8b10c91e89d673acc8aacde7589c77e8eac84854492b63803866ea8afa4b7eb43c0e0523ec96390e0e
SSDEEP

12288:zPlZswMyNZCPyRBcPovYQD7HTaenq4OoiqhY1ixal:PswPEovYQ3Genqr1Bl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dd27b84f4c20711b95e2651cd5e2c39

Files

2dd27b84f4c20711b95e2651cd5e2c39
.exe windows:4 windows x86 arch:x86

3f16ab8f75c12c88a16beef111c9ef60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerLanguageNameA
FindNextVolumeA
FindFirstChangeNotificationA
GetHandleInformation
CompareStringW
GetNamedPipeInfo
SignalObjectAndWait
GetModuleHandleA
ExpungeConsoleCommandHistoryA
FreeLibrary
GetConsoleCommandHistoryLengthA
IsBadStringPtrA
LocalCompact
UnmapViewOfFile
ReadConsoleInputW
VDMConsoleOperation
GetStringTypeA
UpdateResourceW
lstrcmpA
GetConsoleAliasesLengthA
_lcreat
EnterCriticalSection
DebugBreak
lstrlenW
GetLocalTime
CreateTapePartition
GlobalDeleteAtom
IsValidLocale
SystemTimeToFileTime
UnlockFileEx
LocalFlags
SetConsoleCursor
OpenProfileUserMapping
IsBadCodePtr
GetSystemTime
GetProcAddress
VirtualAlloc
LoadLibraryA
GetVersion

gdi32

CreateFontIndirectW
GetEnhMetaFileBits
GetObjectA
StartPage
AngleArc
CreateMetaFileW
SaveDC
SetTextAlign
PolyBezierTo
RemoveFontMemResourceEx
CreateCompatibleBitmap
CopyMetaFileA
CreateCompatibleDC
SetColorSpace
PlayMetaFile
CloseFigure
GetCharacterPlacementA
ResetDCW
GetBkMode
Pie
GetCharWidth32A
SetWindowExtEx
GetFontLanguageInfo
CreateColorSpaceA
SetAbortProc
CreateColorSpaceW
GetPixelFormat
GetCharacterPlacementW
SetPixelFormat
CreateRectRgn
GetViewportOrgEx
StrokeAndFillPath
GetOutlineTextMetricsA
SelectBrushLocal
RestoreDC
GetTextExtentPoint32A
CombineRgn
UpdateColors
LineTo
GdiPlayJournal
SetArcDirection
SetTextJustification
GetMetaFileW
SelectPalette
GetStockObject
CreateMetaFileA
GetEnhMetaFilePaletteEntries
PtVisible
GdiGetBatchLimit
GdiPlayDCScript
ScaleWindowExtEx
CreatePolyPolygonRgn
SetTextCharacterExtra
GetGlyphOutlineW
GetCharABCWidthsW
SelectObject
DeleteDC
PlayEnhMetaFile
CreateDIBPatternBrush
GdiPlayScript
CreateHatchBrush
Arc
EndDoc
RemoveFontResourceW
StartFormPage
SwapBuffers
GetRegionData
GetCharWidthFloatA
ColorMatchToTarget
AnimatePalette
ScaleViewportExtEx
SetWindowOrgEx
EnumFontsW
GetCharABCWidthsFloatW
CreateDIBitmap
FloodFill
RectVisible
SetTextColor
GetPixel
CreatePalette
CreateFontIndirectA
GetEnhMetaFileHeader
SetEnhMetaFileBits

comctl32

ImageList_Draw
ImageList_AddIcon
PropertySheetA
ord16
ImageList_LoadImageW
ord5
ord17
CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_GetImageRect
ImageList_EndDrag
ImageList_GetIcon
_TrackMouseEvent
ImageList_SetOverlayImage
FlatSB_SetScrollInfo
ord6
ImageList_DragLeave
ord14
FlatSB_GetScrollInfo

version

VerQueryValueA
VerFindFileW
VerQueryValueW
GetFileVersionInfoSizeW

opengl32

GlmfBeginGlsBlock
glTexCoord2sv
glRasterPos2iv
glIndexi
glNormal3dv
glLoadMatrixf
glGetTexGendv
glColor4i
glIndexf
glFrustum
glIndexdv
glVertex4s
glGetTexImage
glEvalCoord2d
glLineWidth
glLogicOp
glPointSize
glTexCoord4i
glColor3ui
glLoadMatrixd
wglCreateLayerContext
glLightModeliv
glVertex3iv
wglSetPixelFormat
glTexCoord3s
glFlush
glGetPointerv
wglCreateContext
glGetTexGeniv
glTexGeniv
glRasterPos4fv
glGetTexEnvfv
glRasterPos4d
glClearColor
glNormal3d
wglMakeCurrent
glMaterialiv
glEnd
GlmfEndPlayback
glRasterPos3i
glRasterPos3dv
glColor4usv
glRasterPos3fv
glMatrixMode
glGetClipPlane
glIndexfv
glGenLists
glPolygonMode
glCallList
glTexSubImage2D
glPolygonOffset
glEvalCoord1f
glIsList
glRotated
wglDeleteContext

winmm

midiInUnprepareHeader
midiInOpen
mmTaskSignal
waveInGetID
mmioRenameA
joyGetPos
midiStreamOut
mmioSetInfo
GetDriverModuleHandle
waveOutBreakLoop
mmioRenameW
midiOutGetErrorTextA
waveOutGetVolume
mciDriverNotify
timeEndPeriod
midiOutOpen
midiStreamStop
auxGetVolume
mmioAscend
mixerGetNumDevs
waveOutOpen
mixerGetControlDetailsW
midiOutGetDevCapsA
waveOutGetDevCapsW
timeKillEvent
waveOutMessage
waveOutPrepareHeader
mixerGetDevCapsA
mciDriverYield
auxGetDevCapsA
waveOutGetErrorTextW
midiInMessage
waveInGetNumDevs
mciGetCreatorTask
waveOutSetVolume
PlaySoundW
mmioSeek
mmsystemGetVersion
DrvGetModuleHandle
sndPlaySoundW
midiOutGetVolume
mmioDescend
mciGetYieldProc
mid32Message
WOW32ResolveMultiMediaHandle
mciFreeCommandResource
mci32Message
mciSetDriverData
mmioGetInfo
mmioOpenW
midiOutCacheDrumPatches
mxd32Message
mciSendStringW
waveOutGetPlaybackRate
timeSetEvent
DefDriverProc
mixerGetLineControlsA
midiInGetErrorTextA
joyReleaseCapture
mmioStringToFOURCCA
waveInClose
SendDriverMessage
mmioInstallIOProcW
waveInPrepareHeader
midiOutGetErrorTextW
waveInGetErrorTextA
joyGetPosEx
waveOutGetErrorTextA
mmioOpenA
joyGetThreshold
midiInGetNumDevs
midiOutReset
waveOutReset
mciGetDriverData
midiInClose
mciSetYieldProc
mmioStringToFOURCCW
midiDisconnect
mod32Message
midiInStart
joyGetDevCapsW
midiStreamOpen
mmGetCurrentTask
midiInGetErrorTextW
mixerGetControlDetailsA
midiOutPrepareHeader
OpenDriver
midiStreamClose
mixerGetLineInfoA
mmTaskBlock
midiConnect
joy32Message
midiStreamProperty
timeGetTime
waveInOpen
midiOutGetNumDevs
waveOutClose
midiOutGetID
waveInMessage
PlaySoundA
mmioCreateChunk
waveOutGetDevCapsA
waveOutSetPlaybackRate
waveOutWrite

winspool.drv

GetFormW
DeletePrinterDriverExW
CloseSpoolFileHandle
DeletePrinterIC
ConfigurePortW
SetFormA
DeletePortW
GetPrinterDriverDirectoryA
QuerySpoolMode
GetJobW
SetPrinterW
EnumMonitorsA
QueryRemoteFonts
PrinterProperties
ClosePrinter
EnumPrinterDriversA
DeleteFormA
DeletePrinterDataW
DEVICEMODE
ExtDeviceMode
AdvancedDocumentPropertiesA
DeletePrinterDriverW
AddPrinterDriverExA
GetFormA
SpoolerDevQueryPrintW
PlayGdiScriptOnPrinterIC
AddPrinterDriverA
DeletePrinterDriverA
SetJobW
AddPrintProvidorW
WritePrinter
AddPrinterDriverExW
SplDriverUnloadComplete
DocumentPropertiesA
ord206
AbortPrinter
ord101
SetPrinterDataA
EnumPrinterDataW
AddPrinterDriverW
DocumentEvent
AddPrinterA
DeletePrintProvidorW
GetPrinterDataExA
EnumPrinterDriversW
DevQueryPrintEx
GetPrinterDataExW
GetPrinterDataW
ResetPrinterA
ADVANCEDSETUPDIALOG
DEVICECAPABILITIES
ReadPrinter
AddFormW
GetPrintProcessorDirectoryA
EnumJobsA
DeletePrinterKeyW
EnumPrinterKeyW
SetPortA
ResetPrinterW
EnumPrintProcessorsA
DeletePrinterDataExW
DeleteFormW
ord201
AddPrintProcessorA
ord211
AddJobW
SetPrinterDataExA
PrinterMessageBoxA
DeletePortA
DeletePrinter
AddPortW
GetPrinterDriverW
ord100
StartDocPrinterW
AddMonitorW
AddPrinterConnectionA
ConnectToPrinterDlg
EnumPortsW
EnumPrintersA
DeviceCapabilitiesA
AddPortExA
ScheduleJob
GetPrinterW
ord204
ConvertAnsiDevModeToUnicodeDevmode
EnumFormsA
GetPrinterA
StartDocPrinterA
DeviceMode
AddPrintProcessorW
ord102
DeletePrinterKeyA
ord214
DeleteMonitorA
AddMonitorA
EXTDEVICEMODE
EnumPortsA
ord208
OpenPrinterA
CreatePrinterIC

msvcrt

_mbsncoll
_mbsnbcmp
_mbsnset
_mbsnbcat
_mbsnbset
__p__mbctype
_timezone
sprintf
_snprintf
fclose
is_wctype
fopen
_mbsstr
_spawnvp
_ismbcpunct
puts
_ismbbalnum
memcmp
_onexit
_spawnv
_get_osfhandle
strtol
_ismbcsymbol
_ismbcl0
_mbspbrk
_CIsqrt
iswupper
fsetpos
_wcsnset
_unlink
rename
$I10_OUTPUT
memset
_stati64
_mbscoll
__winitenv
_getmbcp
_tell
fputc
tmpfile
scanf
iswprint
fputs
strcat
_cscanf
_atoi64
fseek
_mbctolower
_set_sbh_threshold
_fpclass
putchar
system
__iscsym
__crtGetLocaleInfoW
_CIatan
__p__osver
_wcsicoll
ungetc
_strnset
__setusermatherr
isalpha
fscanf
ferror
_wexeclp
_wcsrev
ftell
atan2
fread
_findclose
__p__amblksiz
strncpy
__unguarded_readlc_active
_mbsicmp
_wsopen
_flsbuf
_outpd
fwrite
rewind
__lc_handle
_CIcos
_lseeki64
exit
wctomb
_ui64tow
strtoul
printf
feof
_Getdays
wcstok
__p___initenv
_endthread
_yn
fprintf
_adj_fdiv_r
_wspawnve
_ismbbpunct
_nextafter
_vsnprintf
_adj_fprem
_mbsicoll
_outp
_rotl
_fmode
_wfdopen
realloc
_itow
fwprintf
__set_app_type
fgetpos

Sections

.text
Size: 652KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f16ab8f75c12c88a16beef111c9ef60

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

version

opengl32

winmm

winspool.drv

msvcrt

Sections

.text Size: 652KB - Virtual size: 648KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 6KB

.text
Size: 652KB - Virtual size: 648KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 6KB