2fce4c2de3c9b475d6a5865b6dbd4128

Sharing

Copy URL Twitter E-mail

General

Target

2fce4c2de3c9b475d6a5865b6dbd4128
Size

425KB
MD5

2fce4c2de3c9b475d6a5865b6dbd4128
SHA1

7c9d8d9e452a27e157fd6bc2b70d78732fbfc48d
SHA256

e8b08c0cd730b1ef9a202862f905fab16323b8134fc57c87554b1ec29dc93b4c
SHA512

a17edd2ec1363ced4a2fdc554ce07cfafcf88bea087fa3fab753b8b37d0a67c569aa70668d035a2fe0b0d5886ab20791fa0c16cc631302950342476073c326c8
SSDEEP

6144:Cmnptmq7KKKdp3VXNemIqzK2uGmS0lCVcCqFRb7xXm3525TWV3U34AOp+hrD:Cmnj/32FwqzF0lCyCWj43b+9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fce4c2de3c9b475d6a5865b6dbd4128

Files

2fce4c2de3c9b475d6a5865b6dbd4128
.exe windows:4 windows x86 arch:x86

8948c0ad87dbb24f3f021f02c9bc6335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx
ImageList_Remove
ord6
ImageList_ReplaceIcon
InitCommonControlsEx
ord17
ImageList_Destroy
ImageList_Create
ImageList_SetBkColor

kernel32

lstrcatA
HeapAlloc
GetProcessHeap
HeapFree
ExitThread
Sleep
CreateThread
VirtualAlloc
VirtualFree
GetProcAddress
OpenProcess
IsBadStringPtrA
IsBadReadPtr
lstrcmpA
VirtualQuery
SetFilePointer
GetModuleFileNameA
GetSystemInfo
GetFileTime
GetFileSize
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemTimeAsFileTime
GlobalReAlloc
FlushFileBuffers
DeviceIoControl
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FlushViewOfFile
SetEndOfFile
LocalFree
SetProcessShutdownParameters
ExitProcess
DeleteFileA
GetLocalTime
SetCurrentDirectoryA
WriteProcessMemory
GetLastError
GetCurrentProcess
SetPriorityClass
TerminateThread
LocalAlloc
SetFileAttributesA
CopyFileA
FileTimeToSystemTime
FindNextFileA
LoadLibraryA
FreeLibrary
HeapReAlloc
VirtualQueryEx
WritePrivateProfileStructA
GetPrivateProfileStructA
WideCharToMultiByte
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCommandLineA
GetStartupInfoA
RtlUnwind
lstrcmpiA
GetModuleHandleA
CreateFileA
WriteFile
CloseHandle
CreateProcessA
VirtualProtectEx
GetCurrentDirectoryA
ReadProcessMemory
OutputDebugStringA
ResumeThread
TerminateProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetTempPathA
GetTickCount
GetTempFileNameA
ReadFile
FindFirstFileA
FindClose
GetFileAttributesA
lstrcpynA
lstrcpyA
lstrlenA
GetVersion
GetPriorityClass

user32

GetWindowLongA
wvsprintfA
SetWindowPos
FindWindowA
RedrawWindow
GetWindowTextA
EnableWindow
GetSystemMetrics
IsWindow
CheckRadioButton
UnregisterClassA
SetCursor
GetSysColorBrush
DialogBoxParamA
DestroyAcceleratorTable
DispatchMessageA
TranslateMessage
LoadIconA
EmptyClipboard
SetClipboardData
SetFocus
CharUpperA
OpenClipboard
IsDialogMessageA
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RemoveMenu
InvalidateRect
ChildWindowFromPoint
PostMessageA
DestroyCursor
CreateDialogParamA
GetWindowRect
IsMenu
GetSubMenu
SetDlgItemInt
GetWindowPlacement
CharLowerBuffA
EnableMenuItem
CheckMenuRadioItem
GetSysColor
KillTimer
DestroyIcon
DestroyWindow
PostQuitMessage
GetClientRect
MoveWindow
GetSystemMenu
SetTimer
SetWindowPlacement
InsertMenuItemA
GetMenu
CheckMenuItem
SetMenuItemInfoA
SetActiveWindow
DefDlgProcA
RegisterClassA
EndDialog
SetDlgItemTextA
EnumClipboardFormats
GetClipboardData
CloseClipboard
GetClassInfoA
CallWindowProcA
SetWindowLongA
IsDlgButtonChecked
SetWindowTextA
CheckDlgButton
GetActiveWindow
MessageBoxA
wsprintfA
GetDlgItemTextA
SendMessageA
GetCursorPos
TrackPopupMenu
ClientToScreen
DestroyMenu
CreatePopupMenu
AppendMenuA
SendDlgItemMessageA
GetDlgItem
LoadCursorA

gdi32

GetObjectA
GetStockObject
DeleteObject
SetBkMode
SetTextColor
CreateFontIndirectA
SelectObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyA
RegSetValueA
GetUserNameA
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA
RegDeleteKeyA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
DragAcceptFiles
DragQueryFileA
DragFinish
ShellExecuteA

imagehlp

BindImageEx
CheckSumMappedFile
ImageRvaToSection
ImageNtHeader
ImageRvaToVa

pesniffer

IsDataBaseLoaded
GetTotalSignatures
AnalyzeFile

cadt

InstrDecode
InstrDasm
MakeMnemonic
GetCadtVersion

ndump

DumpProcess

rebpe32

ResizeFile
DumpFixer32
ValidateDump32
RebuildPE
ValidatePE
ReBasePEImage
WipeReloc
DumpFix
RebuildResourceDirectoryMemory32
GetRealNumberOfSections
GetRealNumberOfSections64
DumpFixer64

procs32

GetModuleHandleEx
GetModuleFirst
GetProcessFirst
GetModuleNext
GetProcessBaseSize
GetProcessPath
GetModuleImageSize
IsProcessRunned
GetNumberOfProcesses
GetNumberOfModules
GetProcessNext

uupdatesystem

ShowUpdateDialog

hedit32

HESetInternalOptions
HEShowWindow

Sections

.data
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 187KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8948c0ad87dbb24f3f021f02c9bc6335

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

imagehlp

pesniffer

cadt

ndump

rebpe32

procs32

uupdatesystem

hedit32

Sections

.data Size: 237KB - Virtual size: 237KB

.rsrc Size: 187KB - Virtual size: 288KB

.data
Size: 237KB - Virtual size: 237KB

.rsrc
Size: 187KB - Virtual size: 288KB