2f7a50e0c9d499bd385e1e1298e9c9a63581fdfdb90d2a41953534c22b621070

General

Target

2f7a50e0c9d499bd385e1e1298e9c9a63581fdfdb90d2a41953534c22b621070
Size

283KB
MD5

06043ff5043b804c6b305a9760d4059b
SHA1

3fba10ff556cbc94e27e2aa6ff9efac8e9d33e5c
SHA256

2f7a50e0c9d499bd385e1e1298e9c9a63581fdfdb90d2a41953534c22b621070
SHA512

a82c8ce04c02e366609137b040eff240a3bebc9eb9c37f0a7e2a8ae8b7e9c3a62bb27e80542498b481faf3dd3573ca73ee48d65ef85aeb5ab869bb30ec313de8
SSDEEP

6144:ceECRscl8BT2HwGtGVZLGTmjOyihwhBJq++5X0qYZfsgzyZx04:cMRscYT2HwwoZujhh3H5XvgfsSA6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f7a50e0c9d499bd385e1e1298e9c9a63581fdfdb90d2a41953534c22b621070

Files

2f7a50e0c9d499bd385e1e1298e9c9a63581fdfdb90d2a41953534c22b621070
.exe windows:4 windows x86 arch:x86

3ca84782ee8c8c3803e20e282945f01f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetFileType
TlsSetValue
GetDateFormatA
RtlUnwind
LCMapStringW
GetCurrentThread
GetCurrentProcess
InterlockedIncrement
VirtualAlloc
WideCharToMultiByte
TlsFree
HeapReAlloc
HeapDestroy
DeleteCriticalSection
HeapCreate
GetOEMCP
VirtualFree
GetModuleFileNameA
GetStdHandle
LCMapStringA
ExitProcess
GetTimeFormatA
IsValidLocale
SetConsoleCtrlHandler
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
IsDebuggerPresent
GetModuleHandleW
SetLastError
QueryPerformanceCounter
CompareStringW
Sleep
GetACP
VirtualQuery
GetCurrentThreadId
GetLocaleInfoW
HeapAlloc
InitializeCriticalSectionAndSpinCount
HeapFree
FreeLibrary
WriteFile
GetCurrentProcessId
GetCommandLineA
LeaveCriticalSection
IsValidCodePage
GetFileAttributesExA
SetHandleCount
GetLocaleInfoA
GetTimeZoneInformation
MultiByteToWideChar
GetStartupInfoA
TlsAlloc
UnhandledExceptionFilter
EnumSystemLocalesA
GetEnvironmentStrings
GetModuleHandleA
EnterCriticalSection
GetStringTypeW
GetCPInfo
CompareStringA
InterlockedDecrement
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetLastError
SetEnvironmentVariableA
GetProcAddress
GetUserDefaultLCID
HeapSize
GetEnvironmentStringsW
TlsGetValue
InterlockedExchange
SetUnhandledExceptionFilter
TerminateProcess

comdlg32

PageSetupDlgA
ReplaceTextW
GetOpenFileNameA
FindTextA
GetFileTitleA
ChooseColorA
FindTextW
ReplaceTextA
PrintDlgA
ChooseFontA

wininet

CreateUrlCacheGroup
GetUrlCacheHeaderData
InternetLockRequestFile
InternetTimeFromSystemTimeA

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ca84782ee8c8c3803e20e282945f01f

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

Sections

.text Size: 134KB - Virtual size: 133KB

.data Size: 139KB - Virtual size: 138KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 134KB - Virtual size: 133KB

.data
Size: 139KB - Virtual size: 138KB

.rsrc
Size: 9KB - Virtual size: 9KB