2b42c6093694514dcdb6c44c29a852c8

Sharing

Copy URL Twitter E-mail

General

Target

2b42c6093694514dcdb6c44c29a852c8
Size

560KB
MD5

2b42c6093694514dcdb6c44c29a852c8
SHA1

1dcc27f77bfbd4c4e760d44bdf6f4747c0966a57
SHA256

c555bc64139ae190e48f816a05dcd0170cae43946ef6688fe2c774783616f643
SHA512

d8c8816b4b916b072c540ffae498027a90ef5821fbf3e71e576f8e5b69ab4381d9b5dc85c0ab25f052490fd99a0ac2adec3125d861346f280960fa19a72e685e
SSDEEP

12288:dKbl0v4qlJgadw+zeBK1bcuthXyalfPTnNQOEK8Su:drPChBYbbrya9nNBEK8N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b42c6093694514dcdb6c44c29a852c8

Files

2b42c6093694514dcdb6c44c29a852c8
.exe windows:4 windows x86 arch:x86

d88805d817f3bda9bfb82f45d6ef08f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GlobalGetAtomNameA
GetCurrencyFormatW
ExitProcess
SetStdHandle
VirtualQuery
lstrcmpiW
GetModuleHandleA
SetLastError
SetConsoleCursorPosition
SetEndOfFile
GetPriorityClass
GetStartupInfoA
ReleaseSemaphore
EnumSystemLocalesA
WideCharToMultiByte
GetEnvironmentStringsW
EnumSystemCodePagesA
CloseHandle
GetACP
HeapAlloc
GetDateFormatA
CreateFileMappingW
RtlMoveMemory
GetLastError
GetEnvironmentStrings
UnhandledExceptionFilter
WriteConsoleInputA
FlushFileBuffers
GetConsoleCP
RtlUnwind
RaiseException
LCMapStringA
GetPrivateProfileSectionNamesW
GetAtomNameW
HeapCreate
GetLocaleInfoW
GetProcessHeaps
GetDiskFreeSpaceW
GetStartupInfoW
HeapFree
GetCurrentThreadId
VirtualAlloc
HeapSize
SetFilePointer
GetNamedPipeInfo
MapViewOfFileEx
GetCommandLineW
DeleteCriticalSection
GetLocaleInfoA
WritePrivateProfileStringA
FindNextFileW
CreateDirectoryW
VirtualFree
GetStringTypeW
InterlockedExchange
GlobalGetAtomNameW
GetStringTypeA
IsValidCodePage
GetThreadContext
GetSystemTimeAdjustment
lstrcpynW
TlsGetValue
SetConsoleTextAttribute
CreateMailslotA
lstrcpyA
FillConsoleOutputAttribute
LocalFileTimeToFileTime
WaitForSingleObject
WriteFile
GetUserDefaultLCID
GetTimeZoneInformation
GetProcessAffinityMask
GetFullPathNameA
GetCPInfo
IsBadWritePtr
EnterCriticalSection
QueryPerformanceCounter
CreateMutexA
FindFirstFileExA
CompareStringW
GetVersionExA
FlushInstructionCache
LockResource
GetCurrentThread
InitializeCriticalSection
GetTickCount
WriteConsoleInputW
HeapDestroy
SetThreadAffinityMask
LocalShrink
MultiByteToWideChar
GetStdHandle
VirtualProtect
GetCommandLineA
GetModuleFileNameW
FreeEnvironmentStringsW
GetTimeFormatA
GetFileType
LoadLibraryA
GetSystemTimeAsFileTime
EnumResourceTypesA
GetOEMCP
LocalLock
WaitForDebugEvent
GetModuleFileNameA
CreateEventW
LCMapStringW
GetCurrentProcess
lstrcpyn
HeapValidate
GetCompressedFileSizeW
GetCurrentProcessId
lstrcmpW
GetSystemInfo
GetConsoleScreenBufferInfo
HeapReAlloc
LeaveCriticalSection
lstrcpynA
TlsFree
GetProcAddress
IsDebuggerPresent
ReadFile
CompareStringA
IsValidLocale
OpenMutexA
TlsSetValue
ResetEvent
FlushViewOfFile
TerminateProcess
GetProfileStringA
FreeEnvironmentStringsA
OpenProcess
SetConsoleScreenBufferSize
SetEnvironmentVariableA
LocalReAlloc
FindResourceExA
SetHandleCount
GetShortPathNameW

comctl32

ImageList_BeginDrag
ImageList_Read
CreateToolbar
InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_Create
ImageList_GetImageCount

user32

DialogBoxIndirectParamW
IsDialogMessageW
ToUnicode
FlashWindowEx
GetOpenClipboardWindow
LoadMenuA
DrawFocusRect
GetClassLongA
DlgDirListComboBoxW
GetMenuContextHelpId
SendNotifyMessageW
CreateDialogParamW
MapVirtualKeyA
DdeUninitialize
SendIMEMessageExW
EnableMenuItem
GetMenuItemInfoA
CreateWindowExW
ValidateRect
GetInputDesktop
RealChildWindowFromPoint
DefWindowProcW
GetWindowTextA
WINNLSEnableIME
DialogBoxParamA
InsertMenuItemW
LoadMenuIndirectW
PeekMessageW
RegisterClipboardFormatA
TabbedTextOutA
GetAncestor
WindowFromDC
ShowWindow
GetClassInfoExA
CreateAcceleratorTableW
AppendMenuW
RegisterClassA
DefDlgProcW
GetProcessDefaultLayout
FrameRect
GetMenuDefaultItem
CharToOemA
IsClipboardFormatAvailable
GetWindowModuleFileNameW
MessageBoxW
DestroyWindow
TranslateMDISysAccel
GrayStringA
CreateCursor
GetDC
AppendMenuA
SetDlgItemInt
InsertMenuW
SetKeyboardState
ChildWindowFromPoint
RegisterWindowMessageW
RemoveMenu
SetScrollRange
CheckRadioButton
DdeConnect
GetCursor
RedrawWindow
RegisterClassW
SetProcessWindowStation
RegisterClassExA
UnhookWindowsHook

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d88805d817f3bda9bfb82f45d6ef08f0

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 112KB - Virtual size: 140KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 112KB - Virtual size: 140KB

.rsrc
Size: 20KB - Virtual size: 17KB