2d46a631d5ac50c1d5676a333625054e

Sharing

Copy URL Twitter E-mail

General

Target

2d46a631d5ac50c1d5676a333625054e
Size

370KB
MD5

2d46a631d5ac50c1d5676a333625054e
SHA1

1e8a618e79d0b04d0a53cd1ebb7bac76132c5e67
SHA256

7dfbfd8f34b05abbde904edef6d329d5dd0bf32d8f9ae7ceb8657ac6edaed449
SHA512

1e43c71a796adc6cb80109b956ea0af3fb8b0982650de9ad34d42ea94186c56863d666e646acd5c398f940dae4826bf37bd9a64919217370189db0347644deb7
SSDEEP

6144:kSv9rowH5Matr6GHtFyGdyH1DWC2ABqzxvsr+K/mP9po/rhneh4x2jKwBAXiwM:kSvnH+ateUXqwb5zxvANO9pwrBemsjAZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d46a631d5ac50c1d5676a333625054e

Files

2d46a631d5ac50c1d5676a333625054e
.exe windows:4 windows x86 arch:x86

b8916710bd11219d71f498dff8f9fdff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrFormatKBSizeW
wnsprintfW
StrCmpNW
StrCpyNW
PathAddBackslashA
StrRetToBufW
SHStrDupW
PathFindFileNameW
PathAppendW
PathCombineW
PathFindFileNameA

user32

RegisterClipboardFormatW
RemoveMenu
SendMessageW
DeleteMenu
GetMenuItemInfoW
SetWindowTextW
SetMenuDefaultItem
SetCursor
InsertMenuW
LoadMenuW
LoadStringW
LoadCursorW
MessageBoxW
GetMenuItemCount
GetSubMenu
InsertMenuItemW
CreatePopupMenu
CharNextW
DestroyMenu

msvcrt

_adjust_fdiv
_except_handler3
_initterm
memmove
malloc
free

rpcrt4

RpcStringFreeW

advapi32

CredRenameW
BuildTrusteeWithNameA
ControlTraceA
ConvertSidToStringSidA
CreateServiceW
CancelOverlappedAccess

shell32

SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW
SHGetDesktopFolder
SHBindToParent
SHGetPathFromIDListA
ShellExecuteW

ntdll

NtAllocateVirtualMemory
RtlAdjustPrivilege
RtlAddAce

kernel32

GetCurrentProcess
LocalFree
lstrlenA
InterlockedDecrement
GetTickCount
_lwrite
lstrcmpiW
LocalAlloc
GetCurrentProcessId
_lclose
_lread
GetShortPathNameW
FreeLibrary
GetSystemDirectoryW
SetUnhandledExceptionFilter
LoadLibraryW
GlobalAlloc
GlobalHandle
_llseek
GetModuleHandleW
InterlockedIncrement
GetSystemTimeAsFileTime
lstrlenW
GetWindowsDirectoryW
CreateFileW
GetTempPathW
TerminateProcess
GlobalLock
lstrcpynA
lstrcpynW
UnhandledExceptionFilter
GetModuleFileNameW
GetCurrentThreadId
SetThreadPriority
QueryPerformanceCounter
GetTempFileNameW
GetProcAddress
GetVersionExW
GlobalFree
DosDateTimeToFileTime
LocalFileTimeToFileTime
GlobalUnlock
GetCurrentThread
GetStartupInfoA

ole32

ReleaseStgMedium
CoUninitialize
OleSetClipboard
CoCreateInstance
CoInitializeEx
CoTaskMemFree

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 174KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8916710bd11219d71f498dff8f9fdff

Headers

File Characteristics

Imports

shlwapi

user32

msvcrt

rpcrt4

advapi32

shell32

ntdll

kernel32

ole32

Sections

.text Size: 94KB - Virtual size: 94KB

.rsrc Size: 40KB - Virtual size: 40KB

.rdata Size: 59KB - Virtual size: 59KB

.data Size: 174KB - Virtual size: 1.2MB

.text
Size: 94KB - Virtual size: 94KB

.rsrc
Size: 40KB - Virtual size: 40KB

.rdata
Size: 59KB - Virtual size: 59KB

.data
Size: 174KB - Virtual size: 1.2MB