2f9d98973692740241abbb5f2fb24d04

Sharing

Copy URL Twitter E-mail

General

Target

2f9d98973692740241abbb5f2fb24d04
Size

458KB
MD5

2f9d98973692740241abbb5f2fb24d04
SHA1

55cca4fb90688cd850ff08622683028384abc6c0
SHA256

7b45cedc097dc0030bf56c8ec8e73eb6ff956f4f703be80bd7b1f195a5eb1c5e
SHA512

db963ee7fb89cc35c01acff3e16765f6e9c5c9e2785c2956d45da1f9ae62b7d691459d502a8fc40f470c289a50e9f4f114090aabf182dce9928cfd4e2333ea53
SSDEEP

12288:gESYJpSgoKmjBOOOwgiUEvP4etRW9ejYn6OAT0kCyjXK9:bSYJFlpOP7UEvLW9taT0sXK9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f9d98973692740241abbb5f2fb24d04

Files

2f9d98973692740241abbb5f2fb24d04
.exe windows:4 windows x86 arch:x86

26141902839a8117b33092c96b2a78ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
GetLocalTime
VirtualAlloc
WaitCommEvent
GetStdHandle
SetHandleCount
GetLastError
GetStringTypeA
GetTickCount
TlsGetValue
GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
HeapCreate
HeapReAlloc
GetCommandLineW
GetTimeZoneInformation
GetCurrentProcessId
GetModuleFileNameA
SetFilePointer
GetCurrentThreadId
GetStartupInfoW
FreeEnvironmentStringsA
EnterCriticalSection
VirtualQuery
QueryPerformanceCounter
SetLastError
InterlockedIncrement
HeapAlloc
GetProcAddress
HeapFree
DeleteCriticalSection
GetSystemTime
GetEnvironmentStringsW
CloseHandle
ReadFile
HeapDestroy
GetCurrentThread
LCMapStringW
ExitProcess
InterlockedDecrement
TerminateProcess
SetStdHandle
LoadLibraryA
GetCurrentProcess
MultiByteToWideChar
CompareStringA
GetStringTypeExA
GetCurrencyFormatW
TlsAlloc
GetVersion
GetStartupInfoA
GetProcessHeap
TlsFree
GetCommandLineA
FileTimeToLocalFileTime
WideCharToMultiByte
CreateMutexA
FreeEnvironmentStringsW
TlsSetValue
LCMapStringA
GetStringTypeW
FlushFileBuffers
WriteFile
SetEnvironmentVariableA
InitializeCriticalSection
GetModuleHandleA
GetEnvironmentStrings
GetFileType
VirtualFree
CompareStringW
UnhandledExceptionFilter
OpenMutexA
GetCPInfo
LeaveCriticalSection
GetModuleFileNameW

comctl32

InitCommonControlsEx

user32

RegisterClassA
EndDeferWindowPos
ExitWindowsEx
BroadcastSystemMessageW
VkKeyScanA
GetClipboardFormatNameA
DdeGetLastError
GetTabbedTextExtentA
VkKeyScanExA
MapWindowPoints
ScrollWindow
RegisterClassExA
GetSysColor

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26141902839a8117b33092c96b2a78ea

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 36KB - Virtual size: 53KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 36KB - Virtual size: 53KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 13KB - Virtual size: 12KB