2d108d8f3d914658f74768a8eb120dde

Sharing

Copy URL Twitter E-mail

General

Target

2d108d8f3d914658f74768a8eb120dde
Size

85KB
MD5

2d108d8f3d914658f74768a8eb120dde
SHA1

68dcf4a6d062f937495d0ca2f6993fe6512a7913
SHA256

3e2c9ca415fa35b30c20289796ca6f87a1ad74ccb1464b35c7c580b3855200fc
SHA512

2c5ef369b69be72ae4d7fca306bb8aaae89e45321318c3b795c05a4ab600753e41946993d34cf7af5c20a6851963b341b6032e9ce2068294979d26cd36d7ca88
SSDEEP

1536:F/3VbdLbCvdBUG80WwW31InCFrt1K4qUZzAfqpxCw10cCNgi6O70+9L/AOCxONsu:F/39di1B20WwW3fZpz2w10cCNlz7P9L1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d108d8f3d914658f74768a8eb120dde

Files

2d108d8f3d914658f74768a8eb120dde
.exe windows:5 windows x86 arch:x86

7abd188b302ea9c2cd6d08556df81d80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
HeapSize
RtlUnwind
MultiByteToWideChar
Sleep
GlobalFree
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
HeapReAlloc
FlushFileBuffers
CloseHandle
QueryPerformanceFrequency
IsValidCodePage
GetModuleHandleA
InterlockedDecrement
GetLastError
HeapCreate
GlobalAlloc
GetProcessHeap
GetTickCount
GetCurrentProcess
GetOEMCP
HeapAlloc
GetCurrentThreadId
SetLastError
InterlockedIncrement
CreateFileW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount

user32

GetScrollPos
RegisterClassA
LoadCursorA
DestroyWindow
GetMessageA
SetCapture
LoadBitmapA
LoadMenuA
LoadIconA
GetClientRect
GetDC
TranslateMessage
ChildWindowFromPoint
SetWindowLongA
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ScrollWindow
GetDesktopWindow
GetSysColor
WindowFromDC
DispatchMessageA
CloseWindow

gdi32

EndPage
BitBlt
GetTextExtentPoint32W
LineTo
DeleteDC
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
EndDoc
MoveToEx

winspool.drv

ClosePrinter

comdlg32

PrintDlgA

advapi32

LookupAccountSidA
EqualSid
GetTokenInformation

oleaut32

GetErrorInfo

ws2_32

WSAStartup
WSACleanup

mpr

WNetGetUniversalNameA
WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7abd188b302ea9c2cd6d08556df81d80

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

oleaut32

ws2_32

mpr

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 30KB - Virtual size: 38KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 30KB - Virtual size: 38KB

.rsrc
Size: 512B - Virtual size: 436B