2bd5647ad7a3f343d45d281e33726d1c

General

Target

2bd5647ad7a3f343d45d281e33726d1c
Size

174KB
MD5

2bd5647ad7a3f343d45d281e33726d1c
SHA1

fcbd880fcae179bfc9a681283b53d0da74437814
SHA256

e6a3e3b2f5c31573ec3d664fc1b212964a834c725245931b02c366826742e131
SHA512

e0a44b391e8d60dc0b84db8582d08cd4b4c359aa51d06de4a754f0079bcab27b29d93f3085640e88a287c95fd0cd09284314d09eeb20232539584e4d1730a9d9
SSDEEP

3072:5CVhTPSpaJFqHEOdgPPBnE7D/w8IpxdWQ+AFXCcYE0YVVcbCp:khsaJFOkPdE7D/kpr+8p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bd5647ad7a3f343d45d281e33726d1c

Files

2bd5647ad7a3f343d45d281e33726d1c
.exe windows:4 windows x86 arch:x86

7d933cccaafd449c70f6be83d7231b85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationW
InterlockedExchange
WideCharToMultiByte
CloseHandle
GetCurrentThreadId
DosPathToSessionPathW
InitializeCriticalSection
MultiByteToWideChar
SetProcessAffinityMask
GetDiskFreeSpaceExW
GetCurrentProcess
ProcessIdToSessionId
GetProcessId
GetLastError
DeleteCriticalSection
CreateFileW
EnumResourceTypesA
DisableThreadLibraryCalls
WaitForSingleObject
GetTickCount
DeleteFileW
InterlockedDecrement
GetThreadLocale
ExitProcess
GetLocalTime
GetCurrentProcessId
FreeLibrary
GetACP
GetFileSize
GetVersionExA
QueryPerformanceCounter
GetProcessAffinityMask
lstrlenA
GetModuleFileNameA
GetSystemTimeAsFileTime
InterlockedIncrement
GetLocaleInfoA
DeleteFileA

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

user32

PostMessageA
TranslateMessage
DispatchMessageA
SendMessageA
PeekMessageA
wsprintfA

advapi32

RegQueryValueExA
RegEnumKeyExA
RegSetValueA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegDeleteKeyA
RegCloseKey

ole32

StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d933cccaafd449c70f6be83d7231b85

Headers

File Characteristics

Imports

kernel32

gdiplus

user32

advapi32

ole32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 368KB