2b81f94ca454ff2f2de1697b1e15cce7

Sharing

Copy URL

Twitter E-mail

General

Target

2b81f94ca454ff2f2de1697b1e15cce7
Size

439KB
MD5

2b81f94ca454ff2f2de1697b1e15cce7
SHA1

7bb15ab70a1419dd3649745a4eeef8f6761876f0
SHA256

06f3e53fa790af14343ad4134e493a0a0cfcb5b2bd5ea63d76e88763e77db5b9
SHA512

c4ef44cb768643863eae06c4826e416dec0b278dd487128f7e0908bfd03ebb2ced60c049be94cd435bbef07d95ec73e9d0ba96c170ba85dec157f76f75011eaf
SSDEEP

12288:7fCMku23o78luWQcYWvkfodciW1TpdSkAU:7fdkuiRop7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b81f94ca454ff2f2de1697b1e15cce7

Files

2b81f94ca454ff2f2de1697b1e15cce7
.exe windows:4 windows x86 arch:x86

5e7329ed846affd335c9ec342ea832b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetACP
GetVersionExA
FillConsoleOutputCharacterW
RtlUnwind
GetLastError
GetLongPathNameA
GetCurrentProcess
GetCurrentThread
VirtualAlloc
HeapSize
GetTimeZoneInformation
HeapReAlloc
FreeEnvironmentStringsW
EnumDateFormatsExW
FreeEnvironmentStringsA
GetConsoleCP
VirtualFree
GetModuleFileNameA
lstrcpy
GetFileType
UnhandledExceptionFilter
DeleteCriticalSection
GetEnvironmentStringsW
TlsGetValue
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetDateFormatA
GlobalCompact
GetStdHandle
QueryPerformanceCounter
MultiByteToWideChar
IsDebuggerPresent
WideCharToMultiByte
InterlockedIncrement
LCMapStringW
OpenEventA
HeapAlloc
GetCPInfo
HeapFree
GetFileAttributesExA
TlsAlloc
GetCurrentProcessId
ReadConsoleInputA
GetLocaleInfoA
TlsFree
IsValidLocale
GetStartupInfoA
GetWindowsDirectoryA
EnterCriticalSection
GetLocaleInfoW
LoadResource
SetLastError
IsValidCodePage
SetEnvironmentVariableA
MoveFileExA
Sleep
SetUnhandledExceptionFilter
SetHandleCount
ConnectNamedPipe
GlobalUnfix
InterlockedDecrement
TlsSetValue
GlobalUnlock
WaitForSingleObjectEx
GetProcessHeap
GetProcAddress
EnumSystemLocalesA
FreeLibrary
SetComputerNameA
GetUserDefaultLCID
InterlockedExchange
WriteFile
SetConsoleCtrlHandler
GetCommandLineA
VirtualQuery
LeaveCriticalSection
LCMapStringA
GetLocalTime
HeapCreate
GetCurrentThreadId
GetStringTypeW
GetTempPathA
TerminateProcess
CompareStringW
GetTimeFormatA
GetProfileIntA
GetModuleHandleA
InitializeCriticalSection
GetEnvironmentStrings
GetOEMCP
GetConsoleTitleW
ExitProcess
HeapDestroy
GetConsoleTitleA
GetStringTypeA

comdlg32

ReplaceTextA
ChooseColorA
GetSaveFileNameW
ChooseFontA
FindTextA
ChooseColorW
PrintDlgW
GetOpenFileNameW
GetFileTitleA
PrintDlgA
PageSetupDlgA
LoadAlterBitmap
GetSaveFileNameA

shell32

InternalExtractIconListA
SHChangeNotify
SHGetNewLinkInfo
SHGetPathFromIDListA
SHGetPathFromIDList
DragQueryPoint
SHBrowseForFolderA

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e7329ed846affd335c9ec342ea832b2

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

Sections

.text Size: 149KB - Virtual size: 149KB

.data Size: 276KB - Virtual size: 294KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 149KB - Virtual size: 149KB

.data
Size: 276KB - Virtual size: 294KB

.rsrc
Size: 13KB - Virtual size: 12KB