cb3375fab211c1dd2df1910b99a72a50

Sharing

Copy URL Twitter E-mail

General

Target

cb3375fab211c1dd2df1910b99a72a50
Size

25KB
MD5

cb3375fab211c1dd2df1910b99a72a50
SHA1

72febfff3f87c27d58e9f54db30bc0d31001a59e
SHA256

42b442543eddcb574913f49ff37c4c9e63850c498db47420ad3efce5a9dedf95
SHA512

e9197f1433f92eef4aca814b90dc50641426af8956fc91da271742cee41417c4b8d0bd7cc55cbcde841a83f255a1995d89a7321d34b058c1e8bd7bb920c2d9a3
SSDEEP

768:NDIwdl60Y/OItgpPAHDpV1EOr02FrnpKut5GTszjceEyNzA:hIWAOIKpPAjp7ZrnpKD0AeE4zA

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d2mr.dll
unpack001/d2mr.exe

Files

cb3375fab211c1dd2df1910b99a72a50
.zip
d2mr.dll
.dll windows:4 windows x86 arch:x86

437058fbe47ac144c5fc043861496ba7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SuspendThread
GetCurrentThreadId
GetProcAddress
LoadLibraryA
ResumeThread
GetCurrentProcessId
Thread32Next
Thread32First
CreateToolhelp32Snapshot
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
SuspendThread
GetCurrentThreadId
GetProcAddress
LoadLibraryA
ResumeThread
GetCurrentProcessId
Thread32Next
Thread32First
CreateToolhelp32Snapshot
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 819B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d2mr.exe
.exe windows:4 windows x86 arch:x86

a9ca27ce8da1416b37881e6546121704

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
HeapAlloc
HeapFree
SetFilePointer
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
LoadLibraryA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
OpenProcess
GetModuleHandleA
GetProcAddress
GetLastError
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
GetModuleFileNameA
GetCurrentProcess
CloseHandle
GetFileType
Module32Next
Module32First
CreateToolhelp32Snapshot
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
GetStringTypeW
VirtualAlloc
HeapAlloc
HeapFree
SetFilePointer
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
LoadLibraryA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
OpenProcess
GetModuleHandleA
GetProcAddress
GetLastError
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
GetModuleFileNameA
GetCurrentProcess
CloseHandle
GetFileType
Module32Next
Module32First
CreateToolhelp32Snapshot
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
GetStringTypeW

user32

PostQuitMessage
GetSystemMetrics
GetDC
ReleaseDC
BeginPaint
EndPaint
DefWindowProcA
DestroyWindow
InvalidateRect
IsWindowVisible
GetWindowTextA
GetWindowThreadProcessId
EnumWindows
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
PatBlt
BitBlt
SetBkColor
SelectObject
Rectangle
TextOutA
CreateFontA
CreateSolidBrush
CreatePen
GetStockObject
DeleteDC
SetTextColor

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
readme.txt

Sharing

General

Malware Config

Signatures

Files

437058fbe47ac144c5fc043861496ba7

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 1024B - Virtual size: 819B

.data Size: 10KB - Virtual size: 15KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

a9ca27ce8da1416b37881e6546121704

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 1024B - Virtual size: 952B

.data Size: 11KB - Virtual size: 17KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 1024B - Virtual size: 819B

.data
Size: 10KB - Virtual size: 15KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 1024B - Virtual size: 952B

.data
Size: 11KB - Virtual size: 17KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1024B