2bdb121122273ab8e3881d29735d01dc

General

Target

2bdb121122273ab8e3881d29735d01dc
Size

36KB
MD5

2bdb121122273ab8e3881d29735d01dc
SHA1

de78437f3bfcc64f177d0773d5e5312c978f8803
SHA256

070992822dd342bf291ac3878c8e2d0ae247d4b00b4f5a140f83c743965ef73e
SHA512

4e127e65bef9808ccb9b4e03a9511f0d078fa6dba43782ea96d1c95b7efb4db7d3e174b9ba2da01a2876b22eb28fa629c80120dcf225ac04abc47dab20bdc11c
SSDEEP

768:+zvtdoU5X7rQzsf2nPdDNPSQyA9SpVzo:y9P682n1DNPqAco

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bdb121122273ab8e3881d29735d01dc

Files

2bdb121122273ab8e3881d29735d01dc
.exe windows:4 windows x86 arch:x86

06e1e270c0d01b8482f3c0dc0f84a003

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CreateThread
FlushFileBuffers
GetStringTypeW
Sleep
CreateMutexA
GetLastError
CreateDirectoryA
CreateFileA
WriteFile
CloseHandle
OpenFile
GetModuleFileNameA
GetWindowsDirectoryA
CopyFileA
WritePrivateProfileStringA
CompareStringA
GetCurrentThreadId
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
GetProcAddress
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
SetEnvironmentVariableA

user32

TranslateMessage
GetMessageA
DispatchMessageA

advapi32

ReportEventA
DeregisterEventSource
StartServiceA
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegisterEventSourceA

shell32

ShellExecuteA

wininet

HttpQueryInfoA
InternetCloseHandle
InternetReadFile
InternetOpenA
InternetOpenUrlA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

06e1e270c0d01b8482f3c0dc0f84a003

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 8KB