2b99bd0d6236556328d62c16c8f30a09

Sharing

Copy URL Twitter E-mail

General

Target

2b99bd0d6236556328d62c16c8f30a09
Size

457KB
MD5

2b99bd0d6236556328d62c16c8f30a09
SHA1

4de49a9701ddff6ca883502687cd0377f6524ff6
SHA256

e696c3920b17240b8db1d53165c7e18e669d7b088f8e0d4820de96773ec97cfd
SHA512

9c3f2c5eb0a56b73dc16ee41deacf573223381d367df3af6a94e2da84f714040e98795bd1326af6afb89c796994086cb0b98e344c72a3381ccc56d8dc01b7099
SSDEEP

12288:o0X/1DAfSuMMGQQsKWss3wQryOyIRWZNGON0XtyTmdX:hifSuM3DsJwDOjTOEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b99bd0d6236556328d62c16c8f30a09

Files

2b99bd0d6236556328d62c16c8f30a09
.exe windows:4 windows x86 arch:x86

d8f163bc0f26099fa3c78c5e2f6ffedc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStructA
GetUserDefaultLCID
RtlZeroMemory
HeapSize
InterlockedIncrement
CreateDirectoryA
ExitProcess
GetThreadSelectorEntry
WritePrivateProfileStringA
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
CreateWaitableTimerW
LoadResource
EnumSystemLocalesA
TlsAlloc
SetHandleCount
TlsFree
GlobalGetAtomNameA
TlsSetValue
GetModuleFileNameW
GetLastError
SetLastError
GetTickCount
VirtualQuery
CreateMailslotA
HeapAlloc
FreeLibrary
TlsGetValue
GetFileType
GetCommandLineW
QueryPerformanceCounter
GetVersion
LeaveCriticalSection
LCMapStringA
GetStdHandle
GetLocaleInfoA
GetTimeZoneInformation
SetLocaleInfoW
GlobalFree
GlobalCompact
SetEnvironmentVariableA
GetConsoleOutputCP
TerminateProcess
GetACP
IsValidCodePage
GetStringTypeA
CompareStringW
LoadLibraryA
GetCurrentThreadId
HeapDestroy
GetModuleHandleA
WritePrivateProfileStructA
WriteProfileStringA
GetCurrentProcessId
EnterCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsW
CompareStringA
GetLocaleInfoW
VirtualAlloc
InterlockedExchange
OpenEventA
RtlUnwind
GetModuleHandleW
GetStartupInfoW
GetCurrentThread
GetDateFormatA
HeapReAlloc
WideCharToMultiByte
GetStartupInfoA
GetModuleFileNameA
SetUnhandledExceptionFilter
GetOEMCP
GetStringTypeW
VirtualFree
GetSystemTimeAsFileTime
WriteConsoleOutputA
HeapCreate
IsDebuggerPresent
UnlockFileEx
GetEnvironmentStringsW
WriteFile
IsValidLocale
HeapFree
GetCPInfo
VirtualLock
GetProcAddress
GetTimeFormatA
DeleteCriticalSection
SetConsoleCtrlHandler
LCMapStringW
UnhandledExceptionFilter
InterlockedDecrement
Sleep

gdi32

TextOutW
SetPixelV
GetGlyphOutline
PtVisible

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f163bc0f26099fa3c78c5e2f6ffedc

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 8KB - Virtual size: 34KB

.data Size: 285KB - Virtual size: 284KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 8KB - Virtual size: 34KB

.data
Size: 285KB - Virtual size: 284KB

.rsrc
Size: 6KB - Virtual size: 6KB