2bdac102d998dc0a555c6b98f84da8d0

Sharing

Copy URL Twitter E-mail

General

Target

2bdac102d998dc0a555c6b98f84da8d0
Size

570KB
MD5

2bdac102d998dc0a555c6b98f84da8d0
SHA1

478965ab65ef86222485e10733f9508bfca14940
SHA256

cb62fd6913f14bd376654b614b668b15eda88395cfddb95de9f2eb446667ff8f
SHA512

5a49de645eb8fb0fc5610ba3042bf451d94d41e16889e633057c20918ff7ca13330a6bc295b350d7030b3df9a5ac75e506e7837c29ccdd6bfa3e702900150780
SSDEEP

12288:GJdmzj4C+6o4AZFvVB7n4z9w7I7jwUGnhZkO21Xl+XmDjfvs3VNM:GJ8zj4C+64ZVB7n4z9NjleZkx1v/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bdac102d998dc0a555c6b98f84da8d0

Files

2bdac102d998dc0a555c6b98f84da8d0
.exe windows:4 windows x86 arch:x86

746bf2002a3e52357f9249353b30dc29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHInvokePrinterCommandW
FindExecutableW
SHGetInstanceExplorer

kernel32

CreateMutexA
GetTickCount
GlobalHandle
GetLastError
GetSystemTime
ReadFile
HeapDestroy
VirtualQuery
GetStdHandle
GlobalAlloc
CompareStringW
LeaveCriticalSection
CreateRemoteThread
GetCommandLineA
DeleteFiber
HeapAlloc
GetModuleFileNameW
GetCurrentProcessId
GetStringTypeExW
LCMapStringA
FlushFileBuffers
GetCurrentThreadId
LocalSize
EnterCriticalSection
SetStdHandle
TlsAlloc
UnhandledExceptionFilter
HeapCreate
ExitProcess
FreeEnvironmentStringsW
VirtualAlloc
lstrcat
InterlockedDecrement
VirtualProtectEx
IsBadWritePtr
SetLastError
CloseHandle
VirtualFree
CommConfigDialogW
LCMapStringW
GetTimeZoneInformation
GetModuleHandleA
OpenMutexA
TerminateThread
GetLocalTime
GetStartupInfoA
GetCPInfo
SetFilePointer
GetModuleFileNameA
WriteConsoleW
FreeEnvironmentStringsA
GetCurrentThread
TlsGetValue
WideCharToMultiByte
GetSystemTimeAsFileTime
HeapReAlloc
TlsSetValue
InitializeCriticalSection
RtlUnwind
GetCurrentProcess
GetProcAddress
TlsFree
GetStartupInfoW
WaitForDebugEvent
LoadLibraryA
GetStringTypeW
CreateFileA
SetSystemTime
GetFileType
GetVersion
GetCommandLineW
InterlockedIncrement
TerminateProcess
InterlockedExchange
MultiByteToWideChar
HeapFree
SetHandleCount
WriteFile
OutputDebugStringA
SetEnvironmentVariableA
QueryPerformanceCounter
FindClose
GetStringTypeA
CompareStringA
DeleteCriticalSection
GetEnvironmentStringsW
GetEnvironmentStrings

comdlg32

FindTextA

gdi32

DeleteDC
SetROP2
SetBitmapBits
CreateEnhMetaFileA
AbortDoc
MoveToEx
StretchDIBits
Chord
SetMetaFileBitsEx
StrokePath
GetPixel
GetLogColorSpaceW
Escape
PlayEnhMetaFileRecord
SetFontEnumeration
ExtFloodFill
AnimatePalette
CombineRgn
SelectClipPath

comctl32

InitCommonControlsEx

user32

RegisterClassA
GetWindowTextLengthW
CharToOemA
RegisterClassExA
SetProcessDefaultLayout
GetMenuItemInfoA

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

746bf2002a3e52357f9249353b30dc29

Headers

File Characteristics

Imports

shell32

kernel32

comdlg32

gdi32

comctl32

user32

Sections

.text Size: 204KB - Virtual size: 204KB

.rdata Size: 4KB - Virtual size: 12KB

.data Size: 358KB - Virtual size: 358KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 204KB - Virtual size: 204KB

.rdata
Size: 4KB - Virtual size: 12KB

.data
Size: 358KB - Virtual size: 358KB

.rsrc
Size: 2KB - Virtual size: 1KB