Static task: static1
Behavioral task: behavioral1
Sample: 2b9f2315b87673f0eb8ae46cb0c8d8a7.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2b9f2315b87673f0eb8ae46cb0c8d8a7.exe
Resource: win10v2004-20231215-en
General
- Target: 2b9f2315b87673f0eb8ae46cb0c8d8a7
- Size: 476KB
- MD5: 2b9f2315b87673f0eb8ae46cb0c8d8a7
- SHA1: 8bc0339aef8973ff06b90148a70519d3e8c132eb
- SHA256: e3c7193c573c540edaaa6558398c7eaf6ba749141d0c0da5483521ba92b0dd8b
- SHA512: 2667643ba72e8e35b5edd82e4702afc8de9a517f114cc1b5933a2badbcb1163f35d826a636f51fc75f3641a5c375b9cf5f47f34720605d24bb1f61844060602b
- SSDEEP: 12288:HmZwtaVHgoe3h870vd1sT72kSzB/vZQU:H8kaVHHe3hC01qT7zSl/+
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2b9f2315b87673f0eb8ae46cb0c8d8a7
Files
- 2b9f2315b87673f0eb8ae46cb0c8d8a7.exe windows:4 windows x86 arch:x86
  5f2e2b8dd0575bfd3ed1066920d986ac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoIsOle1Class
StringFromGUID2
RevokeDragDrop
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleLoadFromStream
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
OleGetIconOfClass
WriteClassStg
OleFlushClipboard
CreateBindCtx
GetClassFile
OleConvertOLESTREAMToIStorage
OleSetMenuDescriptor
OleSetClipboard
OleRegGetUserType
OleSave
CoRegisterClassObject
OleIsRunning
CoDisconnectObject
OleCreateFromFile
OleQueryCreateFromData
CoRevokeClassObject
CoCreateInstance
OleDoAutoConvert
StgCreateDocfile
DoDragDrop
OleQueryLinkFromData
OleInitialize
ProgIDFromCLSID
OleCreateMenuDescriptor
StgIsStorageILockBytes
StgCreateDocfileOnILockBytes
OleLockRunning
OleSaveToStream
ReadClassStg
CoLockObjectExternal
OleGetAutoConvert
CoUnmarshalInterface
StgOpenStorage
OleConvertIStorageToOLESTREAM
CreateDataAdviseHolder
ReadClassStm
CreateILockBytesOnHGlobal
IsAccelerator
OleIsCurrentClipboard
OleCreateLink
StgOpenStorageOnILockBytes
OleCreateLinkToFile
OleTranslateAccelerator
CoMarshalInterface
OleDestroyMenuDescriptor
CreateStreamOnHGlobal
OleUninitialize
CreateOleAdviseHolder
OleCreateFromData
OleRun
OleDuplicateData
OleLoad
CoGetClassObject
StringFromCLSID
BindMoniker
CoGetMalloc
OleCreateLinkFromData
MkParseDisplayName
ReleaseStgMedium
IIDFromString
user32
DdeClientTransaction
GetClassInfoExA
GetCursor
IsDialogMessageA
SetKeyboardState
ToAscii
GetWindowTextA
FindWindowA
SetWindowPos
DrawTextA
KillTimer
RegisterClassA
IsWindowVisible
GetMenuItemID
LockWindowUpdate
DdeCmpStringHandles
TabbedTextOutA
SetParent
DdeCreateDataHandle
EndDeferWindowPos
DestroyWindow
DefFrameProcA
IsRectEmpty
SendDlgItemMessageA
SetMenuItemInfoA
FrameRect
GetWindowRect
MessageBoxIndirectA
DrawMenuBar
CheckMenuItem
GetQueueStatus
CharPrevA
GetKeyboardState
TrackPopupMenu
FillRect
SetMenuDefaultItem
GetSystemMenu
CreateCursor
SetWindowsHookExA
DrawFrameControl
DefMDIChildProcA
UpdateWindow
GetMenu
DestroyIcon
InvalidateRect
GetKeyboardLayout
CharLowerA
SetWindowsHookExW
GetCaretPos
SubtractRect
GetIconInfo
DeleteMenu
ReleaseCapture
GetMessageTime
IsClipboardFormatAvailable
GetTabbedTextExtentA
DestroyCursor
PtInRect
EnableWindow
CharUpperBuffA
DdeSetUserHandle
SetClipboardData
EnumClipboardFormats
InvalidateRgn
MessageBoxA
OemToCharA
DispatchMessageA
SetScrollRange
AttachThreadInput
UnregisterClassA
DdeQueryStringA
VkKeyScanA
GetClassInfoA
CallWindowProcA
GetKeyState
GetUpdateRgn
WaitForInputIdle
IntersectRect
PostQuitMessage
GetSubMenu
CharToOemA
BeginPaint
GetScrollInfo
CharLowerBuffA
SetActiveWindow
SetTimer
SetCapture
GetMenuItemCount
DdeFreeStringHandle
CopyAcceleratorTableA
GetWindowLongA
GetUpdateRect
DdeGetLastError
GetScrollPos
GetCapture
CreateIcon
GetClassNameA
SendMessageA
SetDlgItemTextA
CharToOemBuffA
MapWindowPoints
OpenClipboard
GetFocus
DdeConnect
IsWindow
VkKeyScanW
GetWindowRgn
LoadAcceleratorsA
DdeNameService
SetFocus
IsIconic
GetMessagePos
DestroyAcceleratorTable
LoadCursorA
InsertMenuA
GetWindowThreadProcessId
BeginDeferWindowPos
LoadImageA
DdeDisconnect
GetWindowDC
SetPropA
wsprintfA
PostMessageA
RegisterClipboardFormatA
DdeFreeDataHandle
FindWindowW
BringWindowToTop
LoadBitmapA
CallNextHookEx
DdeAbandonTransaction
AppendMenuA
CharUpperA
CreateWindowExA
CopyRect
CreatePopupMenu
MessageBeep
SetWindowContextHelpId
DdeCreateStringHandleA
ShowCaret
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetDCEx
CharUpperBuffW
ClipCursor
GetMenuItemInfoA
EqualRect
EnableMenuItem
SetWindowTextA
GetSystemMetrics
SetCursorPos
SystemParametersInfoA
CloseClipboard
ShowCursor
GetDlgItem
GetMenuState
PostMessageW
GetDoubleClickTime
SetWindowLongA
GetCaretBlinkTime
GetLastActivePopup
ReleaseDC
RegisterClassExA
DefWindowProcA
GetPropA
RemoveMenu
EmptyClipboard
LoadIconA
ShowWindow
CharLowerBuffW
ModifyMenuA
TranslateMessage
CreateCaret
GetMenuStringA
keybd_event
SetCaretPos
SetScrollInfo
IsWindowEnabled
TranslateMDISysAccel
CharNextA
PeekMessageA
WinHelpA
GetClientRect
GetSysColor
GetWindowTextLengthA
ShowScrollBar
CreateAcceleratorTableA
CreateDialogParamA
SetWindowRgn
DrawFocusRect
GetParent
SetCursor
ScreenToClient
DdePostAdvise
RemovePropA
GetWindow
LoadStringA
PeekMessageW
GetAsyncKeyState
MoveWindow
PostThreadMessageA
DialogBoxParamA
GetClipboardFormatNameA
SetMenu
DdeGetData
SetForegroundWindow
HideCaret
EndPaint
AdjustWindowRect
IsZoomed
DestroyCaret
SetRect
ClientToScreen
DdeQueryConvInfo
OffsetRect
CreateMenu
GetCursorPos
GetForegroundWindow
SetScrollPos
EndDialog
WindowFromPoint
DdeUninitialize
AdjustWindowRectEx
IsChild
GetActiveWindow
DdeInitializeA
EnumThreadWindows
DestroyMenu
IsCharAlphaA
GetClipboardData
InflateRect
DrawIcon
WaitMessage
GetDC
GetDesktopWindow
DeferWindowPos
gdi32
Arc
CreateRectRgnIndirect
CreateCompatibleBitmap
RoundRect
RealizePalette
SetWindowExtEx
GetDeviceCaps
GetCurrentObject
LineTo
SetMapMode
SetStretchBltMode
GetROP2
TranslateCharsetInfo
CreateMetaFileA
Rectangle
CreatePenIndirect
GetBkColor
EnumFontsA
GetPixel
ExtCreateRegion
IntersectClipRect
GetObjectA
EndPage
ScaleWindowExtEx
CreateSolidBrush
WidenPath
ExtTextOutA
CreateRectRgn
GetTextMetricsA
Pie
UnrealizeObject
SetAbortProc
DeleteEnhMetaFile
SetBrushOrgEx
StretchBlt
CreateBitmap
EndDoc
SelectClipRgn
CreateICA
SetDIBColorTable
GetObjectType
CreateEnhMetaFileA
CloseMetaFile
CreateDCA
OffsetRgn
SetBkMode
SelectObject
SetROP2
CreateRoundRectRgn
CreatePatternBrush
CopyEnhMetaFileA
StartDocA
CreateBrushIndirect
StartPage
ResetDCA
SaveDC
GetClipBox
SetViewportExtEx
TextOutA
CreateCompatibleDC
ExcludeClipRect
PtInRegion
CreateEllipticRgnIndirect
CreatePen
EndPath
GetBitmapBits
GetWindowOrgEx
PlayMetaFile
GetTextExtentPoint32A
GetPaletteEntries
GetViewportExtEx
Escape
StretchDIBits
CreateDIBitmap
GetWindowExtEx
ScaleViewportExtEx
CreateDIBSection
PatBlt
GetStockObject
GetTextColor
GetNearestColor
CreatePalette
SelectPalette
RestoreDC
CreateHatchBrush
BeginPath
GetMapMode
MoveToEx
GetDIBits
SetBkColor
SetPixelV
SetRectRgn
PathToRegion
SetTextColor
CreateFontIndirectA
OffsetWindowOrgEx
SetViewportOrgEx
AbortDoc
CopyMetaFileA
GetEnhMetaFileHeader
CreateHalftonePalette
GetSystemPaletteEntries
BitBlt
Ellipse
DeleteObject
PlayEnhMetaFile
DeleteDC
CloseEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
CombineRgn
SetWindowOrgEx
advapi32
RegDeleteKeyW
ReportEventA
RegSetValueExA
RegEnumKeyW
DeregisterEventSource
SetSecurityDescriptorDacl
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExW
RegCreateKeyW
RegQueryInfoKeyA
RegEnumValueA
OpenProcessToken
RegDeleteValueW
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegCreateKeyA
RegisterEventSourceA
RegQueryValueA
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExA
RegSetValueA
RegEnumValueW
RegQueryValueExW
RegOpenKeyW
ddraw
DirectDrawEnumerateA
kernel32
GetModuleHandleA
GetUserDefaultLangID
LockFile
CreateProcessA
lstrlenA
TlsFree
RtlUnwind
CreateSemaphoreA
GetLocalTime
InterlockedIncrement
GlobalHandle
CompareStringW
SetEnvironmentVariableA
GetProcAddress
EnterCriticalSection
FileTimeToSystemTime
GetTickCount
MulDiv
SetCurrentDirectoryA
GetVersion
RemoveDirectoryA
GetCurrentThreadId
VirtualAlloc
FormatMessageW
MultiByteToWideChar
DeleteFileA
IsBadCodePtr
GetSystemDirectoryA
GetStringTypeExA
LoadResource
GetCurrentProcessId
_lread
FlushFileBuffers
GetOEMCP
GetACP
VirtualProtect
GlobalAddAtomA
GlobalDeleteAtom
CompareStringA
GetFileAttributesA
FreeResource
SetLocalTime
SetEndOfFile
WriteFile
SetHandleCount
GetVolumeInformationA
GetLastError
GlobalLock
lstrcpynA
CreateProcessW
SystemTimeToFileTime
HeapFree
LCMapStringW
SetFileAttributesA
FlushInstructionCache
GetDateFormatA
LoadLibraryExA
GetLocaleInfoA
GetUserDefaultLCID
GetVersionExA
HeapCreate
_lclose
GetCurrentProcess
GetModuleFileNameW
GetEnvironmentStrings
GlobalFree
TerminateProcess
DuplicateHandle
ExitThread
GetCommandLineA
GetCurrentDirectoryA
ReadFile
ResumeThread
GetStdHandle
GlobalUnlock
FreeEnvironmentStringsA
TlsGetValue
GetShortPathNameA
CreateDirectoryA
GetProfileStringA
GetEnvironmentStringsW
GlobalAlloc
HeapAlloc
FormatMessageA
lstrcmpiA
GlobalReAlloc
SetEvent
FreeLibrary
GetFileType
FindClose
GetSystemInfo
InterlockedDecrement
SetFilePointer
VirtualQuery
InitializeCriticalSection
GetTempFileNameA
SetStdHandle
GetTempPathA
lstrcatA
GetStartupInfoA
TlsSetValue
GetTimeZoneInformation
ReleaseSemaphore
SizeofResource
LockResource
Sleep
DeleteCriticalSection
WinExec
FindNextFileA
SetFileTime
_lwrite
FindFirstFileA
MoveFileA
FileTimeToLocalFileTime
CloseHandle
GetFullPathNameA
_llseek
GetDriveTypeA
ResetEvent
LoadLibraryA
lstrcpyA
lstrcmpiW
HeapDestroy
SetErrorMode
CreateThread
GetSystemDefaultLCID
WaitForSingleObject
HeapReAlloc
GetStringTypeW
IsDBCSLeadByte
WideCharToMultiByte
VirtualFree
lstrcmpA
LeaveCriticalSection
HeapSize
GetFileTime
GetWindowsDirectoryA
GlobalSize
FreeEnvironmentStringsW
GetSystemDefaultLangID
SearchPathA
UnlockFile
GetSystemTime
TlsAlloc
CreateFileA
GetModuleFileNameA
GetStringTypeA
GetExitCodeProcess
GetCPInfo
ExitProcess
UnhandledExceptionFilter
FindResourceA
LCMapStringA
CreateEventA
IsBadReadPtr
SetLastError
RaiseException
Sections
.text Size: 4KB - Virtual size: 892B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 424KB - Virtual size: 422KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ