2bb2027110a658c1b6119d5489edac94

Sharing

Copy URL Twitter E-mail

General

Target

2bb2027110a658c1b6119d5489edac94
Size

2.0MB
MD5

2bb2027110a658c1b6119d5489edac94
SHA1

b136b608e91cd00d0b3b45b928f564873b7f6299
SHA256

67aafe216c2c113b579c06f7ad8bd99a14a4a94de449676e6559f01024c2766d
SHA512

c5ad2a8c5bac30fdf787e5dbfd02cf9d3683488837308a971277400dfd1200889b745a1e2ba8c3e29355175d6d3b69dffa3eadc164eac4354e522ace03d4a048
SSDEEP

49152:ow8IUhn1I82LLXXGl2CYSK8Qe7xM3beXtb5PDX292W6lytGrmZXgc0fkuqvYeRnZ:of1I8wXXGl2ZjPwxMLeXtb5PDX292W6G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb2027110a658c1b6119d5489edac94

Files

2bb2027110a658c1b6119d5489edac94
.exe windows:5 windows x86 arch:x86

3d4744be959db5ba0159502f33f1d016

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapReAlloc
RtlUnwind
RaiseException
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableA
IsDebuggerPresent
FindResourceW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
GetFileType
WriteConsoleW
GetFileAttributesA
HeapAlloc
HeapFree
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
GetThreadLocale
lstrlenA
VirtualProtect
CloseHandle
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
InterlockedDecrement
FreeResource
GlobalFree
GlobalAlloc
FormatMessageW
LocalFree
GlobalLock
GlobalUnlock
GetModuleHandleA
MulDiv
GetCurrentThread
QueryPerformanceCounter
CreateThread
DeleteFileA
ResumeThread
SuspendThread
SetThreadPriority
GetModuleFileNameW
Sleep
TerminateThread
GetTickCount
GetCurrentProcess
CopyFileW
GetProcAddress
SetLastError
GetLastError
GetModuleHandleW
lstrcpyW
GetWindowsDirectoryW
WinExec
lstrcatW
MultiByteToWideChar
LoadLibraryW
FreeLibrary
GetModuleFileNameA
lstrlenW
WideCharToMultiByte
LockResource
SizeofResource
LoadResource
GetCPInfo

user32

IsRectEmpty
CopyAcceleratorTableW
CharNextW
CharUpperW
UnregisterClassW
GetSysColorBrush
DestroyMenu
SetRectEmpty
GetMessageW
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
WindowFromPoint
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
SetRect
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
UnhookWindowsHookEx
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
GetWindow
SetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
GetMenuState
SendMessageW
GetClassNameW
GetSystemMetrics
ReleaseDC
GetMenuStringW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
IntersectRect
UpdateWindow
GetMenuItemID
GetSubMenu
DeleteMenu
ExitWindowsEx
GetCursorPos
DrawMenuBar
GetMenuItemCount
CheckMenuItem
PostMessageW
GetNextDlgGroupItem
InvalidateRgn
GetWindowTextW
PostThreadMessageW
RegisterClipboardFormatW
IsWindowVisible
GetDC
GetWindowRect
ScreenToClient
EnableWindow
LoadIconW
CopyRect
SetWindowPos
GrayStringW
SetWindowLongW
InvalidateRect
DrawTextExW
GetParent
TabbedTextOutW
DrawTextW
LoadBitmapW
GetClientRect
KillTimer
SetTimer
OffsetRect
DispatchMessageW
GetWindowLongW
TranslateMessage
PtInRect
GetFocus
GetSysColor
ReleaseCapture
IsWindow
RedrawWindow
CopyIcon
InflateRect
MessageBeep
LoadCursorW
SetCapture
SetCursor

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetWindowExtEx
GetCharWidthW
StretchDIBits
GetRgnBox
CreateRectRgnIndirect
GetViewportExtEx
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
RestoreDC
GetDeviceCaps
SaveDC
SelectObject
CreateFontW
SetBkMode
CreateFontIndirectW
GetStockObject
GetTextColor
BitBlt
SetTextColor
DeleteDC
SetBkColor
CreateBitmap
DeleteObject
CreateCompatibleDC
DPtoLP
CreateCompatibleBitmap
GetMapMode
ExtTextOutW
PtVisible
GetBkColor
GetObjectW
Escape
RectVisible
TextOutW
CreateSolidBrush
GetTextExtentPoint32W

comdlg32

GetOpenFileNameW
GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

shell32

ShellExecuteW
Shell_NotifyIconW

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW
PathAppendW
PathAppendA
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsA

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Sections

.text
Size: 626KB - Virtual size: 625KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d4744be959db5ba0159502f33f1d016

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 626KB - Virtual size: 625KB

.rdata Size: 151KB - Virtual size: 151KB

.data Size: 25KB - Virtual size: 48KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 626KB - Virtual size: 625KB

.rdata
Size: 151KB - Virtual size: 151KB

.data
Size: 25KB - Virtual size: 48KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB