2b32e68ed8207d85a56f4d176d52eb35

Sharing

Copy URL Twitter E-mail

General

Target

2b32e68ed8207d85a56f4d176d52eb35
Size

168KB
MD5

2b32e68ed8207d85a56f4d176d52eb35
SHA1

09e67c298a7195ee52af8efb355dfbf570bd9e1e
SHA256

e3b9871d6918505b1301265b7909211ae732f65f5f6cadbec9f84512d60c737e
SHA512

78007007280593db441fee802a178c9b73bcf6c95b15dea4d16bb909687b09a6eeb79fbcc0828256eb0931464a74b232814ca0c693e1ef7e4126e8c3e19aef9b
SSDEEP

1536:4/OLjjL5MhVjc+MradVTYQ7pt5zr6BwhkxCm3xikiQOVK6Y5niVN5N0uhfo7snYx:4K5ejUmXLPqxCm3xtOLjhfoaIlE86ls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b32e68ed8207d85a56f4d176d52eb35

Files

2b32e68ed8207d85a56f4d176d52eb35
.exe windows:4 windows x86 arch:x86

9f07a95949b6a3da0a730c41b59171b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetParent
GetSystemMetrics
TranslateMessage
CharNextA
GetDC

kernel32

GetProcessHeap
lstrcmpiW
lstrlenA
GlobalFindAtomA
GetDriveTypeA
GetCurrentThreadId
GetOEMCP
lstrcmpiA
GetModuleHandleW
lstrlenW
QueryPerformanceCounter
GetCommandLineA
RemoveDirectoryA
GetThreadLocale
GetConsoleOutputCP
DeleteFileA
GetCommandLineW
lstrcmpA
GetModuleHandleA
CopyFileA
GetCurrentProcessId
GetACP
GetCurrentProcess
GetWindowsDirectoryA
SetCurrentDirectoryA
GetTickCount
MulDiv
IsDebuggerPresent
GlobalFindAtomW
DeleteFileW
GetUserDefaultLangID
GetCurrentThread
GetVersion
VirtualAlloc
VirtualFree

gdi32

GetClipBox
CreateCompatibleDC
GetStockObject
RestoreDC
SaveDC
GetTextMetricsA
DeleteObject
CreateSolidBrush
CreatePen
SetMapMode
DeleteDC
PatBlt
SetTextAlign
SetTextColor
GetObjectA
RectVisible
GetPixel
SelectPalette
GetDeviceCaps
SelectObject
CreatePalette
SetStretchBltMode
CreateFontIndirectA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Qswha Yy
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Lkxkgm O
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f07a95949b6a3da0a730c41b59171b7

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Qswha Yy Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Lkxkgm O Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 10KB

Qswha Yy
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Lkxkgm O
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 28KB