2b2982d0db5b22406d4a622ea0664f80

Sharing

Copy URL Twitter E-mail

General

Target

2b2982d0db5b22406d4a622ea0664f80
Size

196KB
MD5

2b2982d0db5b22406d4a622ea0664f80
SHA1

35b15f5fc810bcf370966fe92ca66ec97071a16f
SHA256

d48b4844c0852bd941eb562f13e1a9f19d14394e8133489e5e856e133f303a45
SHA512

d3cd7845288e521b1a58f182e43f92bbc5fb28c451d1ad6faf9c07c3e9b5f545f06cb277a0ee0d381467ce6960a74f1feaf1c765749b410ef22e17fb60dd35e3
SSDEEP

3072:wv1qq49jsWhhET2sjhr8QdZ6KuC5TWDlrZ:Yu9zEJjV8QdZ6KuCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b2982d0db5b22406d4a622ea0664f80

Files

2b2982d0db5b22406d4a622ea0664f80
.exe windows:4 windows x86 arch:x86

254a5c22cff9485014f478eba85a3176

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetFileSize
GetDriveTypeA
FindResourceA
FindNextFileA
FindFirstFileA
lstrcpynA
ExitProcess
DeleteFileA
CloseHandle
CreateThread
CreateMutexA
CreateFileA
CreateDirectoryA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
WideCharToMultiByte
Sleep
SizeofResource
SetCurrentDirectoryA
RtlZeroMemory
ReadFile
MultiByteToWideChar
LoadResource
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapAlloc
GlobalFree
GlobalAlloc
GetVersionExA
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetLogicalDriveStringsA
FindClose
GetModuleFileNameA
LockResource
SetLastError
GetLastError
MulDiv

advapi32

RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA

comctl32

ImageList_Destroy
InitCommonControls
InitCommonControlsEx
FlatSB_SetScrollProp
ImageList_AddMasked
ImageList_Create

gdi32

GetDeviceCaps
TextOutA
SetTextColor
SetPixel
SetDIBits
SetBkMode
SetBkColor
SelectObject
Rectangle
PatBlt
MoveToEx
LineTo
GetStockObject
GetDIBits
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
CreateFontIndirectA
CreateFontA
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
BitBlt

wsock32

sendto
recv
ioctlsocket
inet_ntoa
inet_addr
socket
gethostname
gethostbyname
closesocket
bind
WSAStartup
WSAAsyncSelect

user32

DrawEdge
DialogBoxIndirectParamA
SetFocus
TranslateMessage
TrackPopupMenu
ShowWindow
SetWindowTextA
SetWindowPos
SetWindowLongA
GetDC
SetTimer
SetForegroundWindow
SetDlgItemTextA
SetDlgItemInt
SetCursor
SetCapture
SendMessageA
SendDlgItemMessageA
ScreenToClient
ReleaseCapture
RegisterClassExA
PostQuitMessage
PostMessageA
MoveWindow
MessageBoxA
LoadImageA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
AppendMenuA
BeginPaint
CallWindowProcA
CharToOemA
CheckDlgButton
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawIconEx
DrawTextA
EnableWindow
EndDialog
EndPaint
FillRect
GetClientRect
GetCursorPos
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetForegroundWindow
GetMessageA
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongA
GetWindowTextA
GetWindowTextLengthA
InvalidateRect
IsDlgButtonChecked
IsWindowEnabled

shell32

Shell_NotifyIconA

oleaut32

OleLoadPicture

ole32

IsEqualGUID
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

ws2_32

WSAIoctl

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

254a5c22cff9485014f478eba85a3176

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

wsock32

user32

shell32

oleaut32

ole32

ws2_32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 17KB

.rsrc Size: 132KB - Virtual size: 131KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 17KB

.rsrc
Size: 132KB - Virtual size: 131KB