2b5002a8fc97fb27c37832260f0dc4d3

Sharing

Copy URL Twitter E-mail

General

Target

2b5002a8fc97fb27c37832260f0dc4d3
Size

1.1MB
MD5

2b5002a8fc97fb27c37832260f0dc4d3
SHA1

88347f582fef8a9730ad1fc08581021a70f5f438
SHA256

08e66ac04dd5ec832d95c797a508e4a106886374e23a4fe1ac27634523414a94
SHA512

30917b3a98f5b9f0b9d0bf32825c9a17d36bb4a3e4914d7973ed3f47eb692a810b624e2b74ab4b53eb82dda3d3d55e5a351f994f843bd4f11c4fd1077f554cc2
SSDEEP

24576:2Ywz2br7s3pys1JrXsy09JqXfiLEbQS8fGh+erN94qOvEgPV:2Yjn7sZlzUqPigbggrNS5nP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b5002a8fc97fb27c37832260f0dc4d3

Files

2b5002a8fc97fb27c37832260f0dc4d3
.exe windows:4 windows x86 arch:x86

d5f0c64c99ebfdd0614478f603ff1662

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetMapMode
DrawEscape
EnumFontFamiliesExW
SetMiterLimit
EnumObjects
CreateFontIndirectW
PolyPolyline
CreateFontW
EnumFontFamiliesExA
CreateHatchBrush
CreateBitmapIndirect

user32

MessageBoxW
ShowWindow
InsertMenuA
RegisterClassExA
RegisterClassA
CreateWindowExW
GetWindowModuleFileNameW

comctl32

ImageList_AddMasked
DrawStatusText
ImageList_Copy
ImageList_LoadImageA
CreatePropertySheetPage
ImageList_Read
DrawStatusTextA
InitCommonControlsEx
ImageList_GetIconSize
DrawInsert
ImageList_Create
ImageList_Replace
ImageList_LoadImage
ImageList_GetDragImage
MakeDragList
ImageList_Draw
ImageList_Destroy
ImageList_GetImageRect
ImageList_GetBkColor
CreateStatusWindowA
ImageList_SetFilter
CreatePropertySheetPageW
ImageList_SetIconSize

kernel32

SetLastError
GetDateFormatA
LoadLibraryA
TlsFree
GetCommandLineW
OpenMutexA
GetOEMCP
IsValidCodePage
GetCPInfo
EnterCriticalSection
GetModuleFileNameA
GetACP
IsDebuggerPresent
TlsAlloc
GetCurrentThreadId
GetCurrentThread
SetFilePointer
GetSystemTime
SetConsoleCtrlHandler
GetLocaleInfoA
SetComputerNameW
LocalLock
GetCurrentProcess
GetUserDefaultLCID
RtlUnwind
LCMapStringW
VirtualFree
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetStringTypeW
TlsSetValue
HeapCreate
GetNamedPipeInfo
WideCharToMultiByte
GetCurrentProcessId
GetTickCount
GetModuleHandleA
IsValidLocale
GetCommandLineA
GetEnvironmentStringsW
GetStartupInfoW
HeapDestroy
HeapSize
GetStringTypeA
GetModuleHandleW
GetFileType
GetSystemTimeAsFileTime
GetStdHandle
FreeEnvironmentStringsW
CreateMutexA
GetProcAddress
LCMapStringA
WriteConsoleW
VirtualQuery
CloseHandle
InterlockedExchange
WriteConsoleA
TlsGetValue
GetLocaleInfoW
FreeLibrary
SetStdHandle
InterlockedDecrement
GetLastError
GetConsoleMode
WriteFile
CompareStringA
GetStartupInfoA
CreateEventW
GetTimeFormatA
CreateFileA
SetHandleCount
DosDateTimeToFileTime
HeapReAlloc
GetFileAttributesW
HeapAlloc
EnumSystemLocalesA
UnhandledExceptionFilter
GetConsoleOutputCP
SetEnvironmentVariableA
MultiByteToWideChar
FlushFileBuffers
QueryPerformanceCounter
DeleteCriticalSection
ReadFile
TerminateProcess
HeapFree
InterlockedIncrement
GetTimeZoneInformation
SetUnhandledExceptionFilter
LeaveCriticalSection
Sleep
CompareStringW
ExitProcess
GetProfileSectionA
GetModuleFileNameW

advapi32

CryptDuplicateHash
RegSetValueA
RegFlushKey
CryptCreateHash
RegSetValueExW
RegEnumValueW
LookupSecurityDescriptorPartsA
RegEnumKeyA
RegLoadKeyA
CryptExportKey
RegSaveKeyA
RegLoadKeyW
CryptSignHashW
InitiateSystemShutdownA
RegQueryMultipleValuesW

Sections

.text
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 749KB - Virtual size: 669KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5f0c64c99ebfdd0614478f603ff1662

Headers

File Characteristics

Imports

gdi32

user32

comctl32

kernel32

advapi32

Sections

.text Size: 324KB - Virtual size: 324KB

.rdata Size: 49KB - Virtual size: 67KB

.data Size: 749KB - Virtual size: 669KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 324KB - Virtual size: 324KB

.rdata
Size: 49KB - Virtual size: 67KB

.data
Size: 749KB - Virtual size: 669KB

.rsrc
Size: 15KB - Virtual size: 15KB