2b312b0ffd70a7ec4abd41d407ae3ad4

General

Target

2b312b0ffd70a7ec4abd41d407ae3ad4
Size

285KB
MD5

2b312b0ffd70a7ec4abd41d407ae3ad4
SHA1

d66499045e0ee6a9a8d06d777b42d3d654b01168
SHA256

6f66422d1f09ef306070afa60e7cff425f4b3c8b1caa960cf7a5e837d7d79bc6
SHA512

8b7444878c93eeb99ce197dd1709e45a3f007611c1a3c1bd236b592316f781f484f1ac1da9eb1cf94c5c64584853df7ffb482f7ef654a73544d8195ff753226b
SSDEEP

6144:6iy5qrYP9ybTf7pmWlquCcOsqUAuKuXcu8q+8AaoK82Dn1bJh:V4T9ib1m2EWK7u8jnz52n1th

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b312b0ffd70a7ec4abd41d407ae3ad4

Files

2b312b0ffd70a7ec4abd41d407ae3ad4
.exe windows:4 windows x86 arch:x86

094e0874062b6f08561b77e996ee74d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetFileSize
FindClose
QueryDosDeviceW
FindResourceW
SetEvent
WaitForMultipleObjects
CreateWaitableTimerW
GetTickCount
LoadLibraryW
ResumeThread
GlobalAlloc
DeleteFileW
GetDriveTypeW
LockResource
ReadFile
GetPrivateProfileStringW
SetEndOfFile
FindResourceExW
SetLastError
LoadResource
ExitProcess
FreeLibrary
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
CreateEventW
GetModuleHandleW
CreateFileW
SetCurrentDirectoryW
GetModuleFileNameW
GetProcAddress
GlobalUnlock
DuplicateHandle
WritePrivateProfileStringW
GetLocalTime
GetFileAttributesW
SetFilePointer
WriteFile
FindFirstFileW
Sleep
InterlockedDecrement
FindFirstChangeNotificationW

user32

CreatePopupMenu
OffsetRect
CreateWindowExW
RegisterClassExW
GetWindowDC
LoadBitmapW
GetCursorPos
SetCursor
SetCapture
EndDialog
SendDlgItemMessageW
UpdateWindow
LoadCursorW
EnableWindow
RegisterHotKey
SetWindowTextW
DestroyIcon
TrackPopupMenu
InvalidateRect
SetLayeredWindowAttributes
LoadImageW

gdi32

GetDeviceCaps
DeleteDC
SelectObject
DeleteObject
SetBkColor
GetMapMode
CreateSolidBrush
CreateDCW
GetClipBox
CreateCompatibleBitmap
CreatePen
SetBkMode

advapi32

SetSecurityDescriptorDacl
StartServiceW
LookupPrivilegeValueW

shell32

Shell_NotifyIconW

ole32

CoInitialize

Sections

.text
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

094e0874062b6f08561b77e996ee74d4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 252KB - Virtual size: 249KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 22KB

.text
Size: 252KB - Virtual size: 249KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 22KB