2f1e988065a1b1ef8694751fc3e3d6db

General

Target

2f1e988065a1b1ef8694751fc3e3d6db
Size

167KB
MD5

2f1e988065a1b1ef8694751fc3e3d6db
SHA1

3de57a80b6ad66a08e25b79eba5e7e211a08ee4c
SHA256

e8c3972c238bfec6de732bd5b19a5841d26e8a31e3d7e984405253d82e1d989b
SHA512

69df32a1e60911410daf6df769fd8d4adf8e7005ac411608492b2609283e6a33a258b5f8a01595c56d5f40b5526212d8e8e6f2e7538d4271c078cc38650edc86
SSDEEP

3072:wsL21VYVwmw/LTc4WCrdwBS+ERoNSaquV:wsvVxiaSjRo0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f1e988065a1b1ef8694751fc3e3d6db

Files

2f1e988065a1b1ef8694751fc3e3d6db
.exe windows:5 windows x86 arch:x86

8802e395be5ae8b8c10e2f28f862b0bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
TranslateMessage
CharNextA
GetDC
GetParent
GetDesktopWindow

kernel32

RemoveDirectoryA
GlobalFindAtomW
lstrcmpiA
VirtualAlloc
GetModuleHandleW
GlobalFindAtomA
lstrlenA
GetTickCount
VirtualFree
GetACP
GetCommandLineA
GetUserDefaultLangID
GetCurrentThread
GetCurrentThreadId
DeleteFileA
DeleteFileW
CopyFileA
lstrcmpA
SetCurrentDirectoryA
GetThreadLocale
IsDebuggerPresent
QueryPerformanceCounter
GetStartupInfoA
lstrcmpiW
GetModuleHandleA
MulDiv
GetWindowsDirectoryA
GetDriveTypeA
GetCurrentProcess
GetVersion
GetOEMCP
GetProcessHeap
GetCurrentProcessId
GetCommandLineW

gdi32

RestoreDC
PatBlt
CreateSolidBrush
CreateFontIndirectA
CreatePalette
SetTextAlign
CreatePen
GetObjectA
GetClipBox
GetPixel
DeleteObject
LineTo
SetStretchBltMode
SetMapMode
GetDeviceCaps
RectVisible
SaveDC
DeleteDC
GetTextMetricsA
SelectPalette
SetTextColor
CreateCompatibleDC
GetStockObject
SelectObject

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Voxfpuyw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Vhjyilri
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8802e395be5ae8b8c10e2f28f862b0bf

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Voxfpuyw Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Vhjyilri Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

Voxfpuyw
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Vhjyilri
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 27KB - Virtual size: 27KB