2bc1a8ae4950c04eacbe75d29c40362b

General

Target

2bc1a8ae4950c04eacbe75d29c40362b
Size

146KB
MD5

2bc1a8ae4950c04eacbe75d29c40362b
SHA1

569e6597398976742958e01dcd33a14719bf1960
SHA256

ddfd1e846fa472b215a7b708785326291cc6d71300ed9e2e8cd1d7ef95c73270
SHA512

de397cfcac150adcfefed58ddcae0e6fdf01930947947b40f752c1737e822c11790974b9edff4bb5ce21395cc2c4b1973741128b07f2488258db97da2ea1578f
SSDEEP

1536:zuHCB2sZSCjV7E5ZerBe+bQ2DVdNrwo4GfhtLqLZWfH7CB2sZSCjV7E5ZerBe+b1:zdBrh+YzNTxhw4HuBrh+YzNTxhw4H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bc1a8ae4950c04eacbe75d29c40362b

Files

2bc1a8ae4950c04eacbe75d29c40362b
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

7991f5211829490b0aaad37294e507a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextA
SetWindowLongA
SetWindowTextA
SetCapture
SendMessageA
ReleaseCapture
PtInRect
MessageBoxA
LoadIconA
IsDlgButtonChecked
CallWindowProcA
CheckDlgButton
DialogBoxParamA
EndDialog
GetActiveWindow
GetCapture
GetCursorPos
GetDlgCtrlID
GetDlgItem
InvalidateRect
GetWindowRect
GetParent

kernel32

ExitThread
GlobalAlloc
RtlZeroMemory
WriteFile
GlobalFree
ResumeThread
SetThreadPriority
Sleep
SuspendThread
CreateThread
lstrcatA
WinExec
UnmapViewOfFile
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
FindResourceA
GetFileSize
GetModuleHandleA
LoadResource
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetFilePointer
SizeofResource

shell32

ShellExecuteA

gdi32

GetObjectA
GetStockObject
SelectObject
SetBkMode
SetTextColor
CreateFontIndirectA

winmm

waveOutWrite
waveOutUnprepareHeader
waveOutRestart
waveOutPrepareHeader
waveOutPause
waveOutOpen
waveOutGetPosition
waveOutClose
waveOutReset

comdlg32

GetOpenFileNameA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7991f5211829490b0aaad37294e507a7

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

winmm

comdlg32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 29KB

.rsrc Size: 63KB - Virtual size: 63KB

.rsrc Size: 63KB - Virtual size: 64KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 29KB

.rsrc
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 63KB - Virtual size: 64KB