2d19a1da8a78fef62ab87fb8e8af6bb3

Sharing

Copy URL Twitter E-mail

General

Target

2d19a1da8a78fef62ab87fb8e8af6bb3
Size

612KB
MD5

2d19a1da8a78fef62ab87fb8e8af6bb3
SHA1

37bcb549589670405816aeb5cb154df68ce47ddd
SHA256

6f19f9261b030e1ee59f6065e1199045e0e11552960676aba3e882451b21fa5f
SHA512

3a365e579673cdb2fd119576ba7cd64aa36c88d9f76fa271121560bc100d3b7ce10bc3df0408fb8eae9f1355e2115914463c548409bd8f781eff8ca63362fece
SSDEEP

12288:88O3ke0vSiBhre7EQlf63hUIKKD5VQR3lcPkN+:nvTBhmDYb3D5XP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d19a1da8a78fef62ab87fb8e8af6bb3

Files

2d19a1da8a78fef62ab87fb8e8af6bb3
.exe windows:4 windows x86 arch:x86

2a841bb115822629067f67e3d37ef8df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenDesktopW
CreateWindowExA
SendDlgItemMessageW
EnumDesktopsA
ToUnicodeEx
ChangeDisplaySettingsW
WindowFromPoint
WINNLSGetIMEHotkey
RegisterClassExA
SetMenuItemInfoA
GetKeyboardState
RegisterClassA
GetNextDlgGroupItem
DdeImpersonateClient
SetPropA
EndPaint
SetCursor
SetPropW
IsChild
DdeFreeDataHandle
RealChildWindowFromPoint
AdjustWindowRectEx
UnhookWinEvent
BroadcastSystemMessageW
PackDDElParam
TrackMouseEvent
WindowFromDC
ClientToScreen
HideCaret
EnumDesktopWindows
LoadAcceleratorsW
CascadeChildWindows
CreateWindowStationA
GetMessageExtraInfo

comctl32

ImageList_SetFilter
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetBkColor
ImageList_GetFlags
ImageList_AddIcon

kernel32

SleepEx
GetLocaleInfoW
VirtualAlloc
SetCriticalSectionSpinCount
DeleteAtom
HeapAlloc
EnumResourceTypesW
FindNextChangeNotification
GetSystemInfo
ExitProcess
GlobalSize
VirtualQuery
SetFilePointer
GetStringTypeA
GetPrivateProfileSectionNamesW
GetConsoleMode
InterlockedExchange
GetDriveTypeA
Sleep
EnterCriticalSection
SetStdHandle
EnumResourceLanguagesA
LCMapStringW
GetStdHandle
lstrcpynW
GetStartupInfoW
FreeEnvironmentStringsW
ConvertDefaultLocale
GetCommandLineA
TlsGetValue
HeapLock
EnumTimeFormatsW
GetModuleHandleA
SetWaitableTimer
GetACP
MultiByteToWideChar
FlushFileBuffers
RtlZeroMemory
GetTickCount
LoadLibraryW
CreateFileA
ExitThread
CreateFileMappingA
SetHandleCount
UnhandledExceptionFilter
WideCharToMultiByte
CompareStringA
GetModuleFileNameA
lstrcatW
SetFileTime
GlobalHandle
OpenFileMappingA
SetConsoleMode
SetLastError
InitializeCriticalSection
GetConsoleCP
GetCurrentProcessId
GetCurrentThreadId
SetThreadPriority
InterlockedIncrement
GetLastError
TlsAlloc
TlsFree
GetFileType
HeapSize
CreateFileW
ExpandEnvironmentStringsW
GlobalGetAtomNameA
SetEndOfFile
GetModuleHandleW
CreateDirectoryExW
WaitNamedPipeW
WriteConsoleA
WriteFile
GetOEMCP
InterlockedDecrement
QueryPerformanceCounter
OpenMutexA
UnlockFile
CreateMutexA
WriteProfileStringW
SetUnhandledExceptionFilter
HeapReAlloc
CreateEventW
HeapFree
TlsSetValue
GetLocaleInfoA
WaitForMultipleObjectsEx
CreateMailslotA
LocalLock
IsValidLocale
IsDebuggerPresent
CreateRemoteThread
GetModuleFileNameW
OutputDebugStringA
CompareStringW
GetCommandLineW
GetThreadContext
LocalUnlock
ReadFile
SetLocalTime
FileTimeToSystemTime
SetConsoleCtrlHandler
GetPrivateProfileSectionA
VirtualFree
SetTimeZoneInformation
GetSystemTimeAsFileTime
GetVolumeInformationW
GetPrivateProfileIntA
GetConsoleScreenBufferInfo
GetDateFormatA
GetStartupInfoA
GetCurrentProcess
LoadLibraryA
GetCalendarInfoA
GetStringTypeW
GetConsoleOutputCP
DeleteCriticalSection
SetEnvironmentVariableW
SetEnvironmentVariableA
EnumSystemLocalesA
CloseHandle
RtlUnwind
RemoveDirectoryW
GetSystemDefaultLangID
GetCPInfo
GetProcAddress
GlobalFree
GetTimeZoneInformation
HeapDestroy
IsValidCodePage
GetPrivateProfileStructA
SetConsoleOutputCP
HeapCreate
GetCurrentThread
GetUserDefaultLCID
FormatMessageA
GetLocalTime
GetTimeFormatA
InitializeCriticalSectionAndSpinCount
SetLocaleInfoA
OpenSemaphoreW
LeaveCriticalSection
TerminateProcess
CreateEventA
WriteConsoleW
RtlMoveMemory
WritePrivateProfileSectionW
CreateProcessW
FreeLibrary
LCMapStringA
GetEnvironmentStringsW
GetFileTime
AddAtomA

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a841bb115822629067f67e3d37ef8df

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 120KB - Virtual size: 124KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 120KB - Virtual size: 124KB

.rsrc
Size: 40KB - Virtual size: 38KB