2bb08d9d796e19a8ad82a230f056c377

General

Target

2bb08d9d796e19a8ad82a230f056c377
Size

119KB
MD5

2bb08d9d796e19a8ad82a230f056c377
SHA1

f27054d85cfe8eef68fea5cb09b1274e8cac48e9
SHA256

bddd011b591551c4d9c1c4ad12e07f81286074398cc67d9d506292a7c2dd97f5
SHA512

8e13dddd19329089d82738ae3630af74bfb2f28668f513a70166919bee81a85b6c6aa95ecf5a173f54d9176f4fedbfdb84fe08d89c609d990da24fd9f5c1c3a9
SSDEEP

3072:3a/wizo4BtZsO4ZG7WiS9EtTqqDL/gbHHcv:KXzo6taO4w75S9EDLYbHHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb08d9d796e19a8ad82a230f056c377

Files

2bb08d9d796e19a8ad82a230f056c377
.exe windows:1 windows x86 arch:x86

ac64cf7936733947cd5e845159a63130

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClipCursor
CreateIcon
DdeNameService
EnumChildWindows
EqualRect
FillRect
FindWindowExA
GetKeyboardLayout
GetTopWindow
InvalidateRect
IsCharUpperA
IsWindow
IsZoomed
MonitorFromRect
PostQuitMessage
ShowCaret

kernel32

AllocConsole
BackupSeek
CancelIo
CopyFileA
CreateEventA
CreateThread
DeleteFileA
DeleteFileW
FoldStringA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetLastError
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetThreadTimes
GetVolumeInformationA
GlobalLock
HeapFree
IsBadStringPtrA
LocalAlloc
MoveFileA
OpenFile
Sleep
TlsFree
VirtualAlloc
lstrcatA
lstrcpynA

advapi32

LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumerateTrustedDomains
RevertToSelf
SetTokenInformation

gdi32

AnimatePalette
DeleteObject
EndDoc
FrameRgn
GetDeviceCaps
MoveToEx
PolylineTo
SetBkMode
SetTextColor
StartDocA

Sections

.text
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 782B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac64cf7936733947cd5e845159a63130

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

Sections

.text Size: 512B - Virtual size: 272B

.data Size: 112KB - Virtual size: 112KB

.code Size: 1024B - Virtual size: 782B

.rdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 408B

.text
Size: 512B - Virtual size: 272B

.data
Size: 112KB - Virtual size: 112KB

.code
Size: 1024B - Virtual size: 782B

.rdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 408B