2fd389ce808648434f93e405899ffda25781d4fc1443e4082d5523b1dc235209

Sharing

Copy URL Twitter E-mail

General

Target

2fd389ce808648434f93e405899ffda25781d4fc1443e4082d5523b1dc235209
Size

5.1MB
MD5

3c3a36dd97b2b6b57d40f0338a2de3b5
SHA1

2d513941c32554398e5212a6a1ffe205773dd9d1
SHA256

2fd389ce808648434f93e405899ffda25781d4fc1443e4082d5523b1dc235209
SHA512

6152efc740f68ab47c8200cdeac6d56312754967bf3d6a4058c7e7fd0d4ef82ba678decff7b7f65dd4d1c24871282bb452e4397e488beac28c593383e56cb708
SSDEEP

49152:G79luBSYuu7G9uJJnej3Syjyc1lvYEigX/n+4VCSQdxZ2lYoHjRihdDXTFvC+LNc:+luBr7IuJput3ziRosfIrmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fd389ce808648434f93e405899ffda25781d4fc1443e4082d5523b1dc235209

Files

2fd389ce808648434f93e405899ffda25781d4fc1443e4082d5523b1dc235209
.exe windows:4 windows x64 arch:x64

43db909f14aa26159b3bbbc7b43e7a0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libgcc_s_seh-1

_Unwind_Resume

gdi32

SetDIBitsToDevice

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
EnterCriticalSection
FileTimeToSystemTime
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileTime
GetLastError
GetModuleHandleW
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
__argc
__argv
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fileno
_fmode
_getpid
_initterm
_lock
_onexit
_setjmp
_setmode
_unlock
abort
acos
asin
atan
atan2
calloc
cosh
exit
fclose
fflush
fgetc
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
log10
longjmp
malloc
memcpy
memmove
memset
rand
realloc
remove
rename
rewind
setlocale
signal
sinh
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strstr
strtol
strtoul
system
tan
tanh
tolower
ungetc
vfprintf
wcslen

psapi

GetProcessMemoryInfo

libwinpthread-1

pthread_cond_init
pthread_cond_signal
pthread_cond_wait
pthread_create
pthread_exit
pthread_join
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_trylock
pthread_mutex_unlock

shell32

SHGetSpecialFolderPathA

user32

AdjustWindowRect
ChangeDisplaySettingsA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumDisplaySettingsA
FindWindowA
GetDC
GetMessageA
GetWindowLongPtrA
GetWindowRect
PeekMessageA
SetForegroundWindow
SetWindowLongPtrA
SetWindowPos
SetWindowTextA
ShowCursor
ShowWindow
TrackMouseEvent

libgomp-1

GOMP_barrier
GOMP_parallel
omp_get_num_threads
omp_get_thread_num

libstdc++-6

_ZNSt9exceptionD2Ev
_ZSt9terminatev
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdaPv
_ZdlPv
_Znay
_Znwy
__cxa_allocate_exception
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__gxx_personality_seh0

libgimp-2.0-0

gimp_display_new
gimp_displays_flush
gimp_drawable_detach
gimp_drawable_flush
gimp_drawable_get
gimp_drawable_get_visible
gimp_drawable_height
gimp_drawable_mask_bounds
gimp_drawable_merge_shadow
gimp_drawable_offsets
gimp_drawable_update
gimp_drawable_width
gimp_image_base_type
gimp_image_get_active_drawable
gimp_image_get_active_layer
gimp_image_get_item_position
gimp_image_get_layers
gimp_image_height
gimp_image_insert_layer
gimp_image_is_valid
gimp_image_new
gimp_image_remove_layer
gimp_image_resize
gimp_image_set_active_layer
gimp_image_undo_group_end
gimp_image_undo_group_start
gimp_image_width
gimp_install_procedure
gimp_item_get_image
gimp_item_get_name
gimp_item_is_valid
gimp_item_set_name
gimp_layer_add_alpha
gimp_layer_get_mode
gimp_layer_get_opacity
gimp_layer_new
gimp_layer_set_mode
gimp_layer_set_offsets
gimp_layer_set_opacity
gimp_main
gimp_pixel_rgn_get_row
gimp_pixel_rgn_init
gimp_pixel_rgn_set_rect
gimp_plugin_menu_register
gimp_procedural_db_get_data
gimp_procedural_db_get_data_size
gimp_procedural_db_set_data
gimp_progress_end
gimp_progress_init
gimp_progress_init_printf
gimp_progress_pulse
gimp_progress_set_text
gimp_progress_set_text_printf
gimp_progress_update
gimp_selection_bounds
gimp_selection_none
gimp_tile_cache_ntiles
gimp_tile_width

libgimpui-2.0-0

gimp_ui_init
gimp_window_set_transient
gimp_zoom_preview_get_factor
gimp_zoom_preview_get_model
gimp_zoom_preview_get_source
gimp_zoom_preview_get_type
gimp_zoom_preview_new

libgimpwidgets-2.0-0

gimp_dialog_new
gimp_double_adjustment_update
gimp_int_adjustment_update
gimp_preview_draw_buffer
gimp_preview_get_position
gimp_preview_get_size
gimp_preview_get_type
gimp_preview_get_update
gimp_preview_invalidate
gimp_preview_set_update
gimp_scale_entry_new
gimp_zoom_model_zoom

libcurl-4

curl_easy_cleanup
curl_easy_init
curl_easy_perform
curl_easy_setopt

libfftw3-3

fftw_cleanup_threads
fftw_destroy_plan
fftw_execute
fftw_free
fftw_init_threads
fftw_malloc
fftw_plan_dft_1d
fftw_plan_dft_3d
fftw_plan_with_nthreads

libgdk-win32-2.0-0

gdk_screen_get_height
gdk_screen_get_width

libgdk_pixbuf-2.0-0

gdk_pixbuf_new_from_data

libglib-2.0-0

g_free
g_malloc
g_markup_escape_text

libgobject-2.0-0

g_object_get
g_object_unref
g_signal_connect_data
g_type_check_instance_cast
g_type_check_instance_is_a

libgtk-win32-2.0-0

gtk_adjustment_get_type
gtk_alignment_get_type
gtk_alignment_new
gtk_alignment_set_padding
gtk_bin_get_child
gtk_bin_get_type
gtk_box_get_type
gtk_box_pack_end
gtk_box_pack_start
gtk_button_get_image
gtk_button_get_type
gtk_button_new
gtk_button_new_from_stock
gtk_button_new_with_label
gtk_button_set_alignment
gtk_button_set_image
gtk_button_set_label
gtk_cell_renderer_text_new
gtk_check_button_get_type
gtk_check_button_new_with_label
gtk_check_button_new_with_mnemonic
gtk_color_button_get_alpha
gtk_color_button_get_color
gtk_color_button_get_type
gtk_color_button_get_use_alpha
gtk_color_button_new
gtk_color_button_set_alpha
gtk_color_button_set_color
gtk_color_button_set_title
gtk_color_button_set_use_alpha
gtk_combo_box_append_text
gtk_combo_box_get_type
gtk_combo_box_new_text
gtk_combo_box_set_active
gtk_container_add
gtk_container_get_type
gtk_container_remove
gtk_container_set_border_width
gtk_dialog_add_button
gtk_dialog_get_type
gtk_dialog_run
gtk_entry_get_text
gtk_entry_get_type
gtk_entry_new_with_max_length
gtk_entry_set_text
gtk_file_chooser_button_new
gtk_file_chooser_get_filename_utf8
gtk_file_chooser_get_type
gtk_file_chooser_set_filename_utf8
gtk_frame_get_type
gtk_frame_new
gtk_frame_set_label
gtk_frame_set_label_widget
gtk_frame_set_shadow_type
gtk_hbox_new
gtk_hpaned_new
gtk_hseparator_new
gtk_image_new_from_pixbuf
gtk_label_get_text
gtk_label_get_type
gtk_label_new
gtk_label_set_line_wrap
gtk_label_set_markup
gtk_link_button_new_with_label
gtk_main
gtk_main_quit
gtk_message_dialog_new
gtk_message_dialog_new_with_markup
gtk_misc_get_type
gtk_misc_set_alignment
gtk_paned_add1
gtk_paned_add2
gtk_paned_get_type
gtk_paned_pack1
gtk_paned_pack2
gtk_rc_parse_string
gtk_scrolled_window_add_with_viewport
gtk_scrolled_window_get_type
gtk_scrolled_window_new
gtk_scrolled_window_set_policy
gtk_table_attach
gtk_table_attach_defaults
gtk_table_get_type
gtk_table_new
gtk_table_set_col_spacings
gtk_table_set_row_spacings
gtk_text_buffer_get_bounds
gtk_text_buffer_get_text
gtk_text_buffer_set_text
gtk_text_view_get_buffer
gtk_text_view_get_type
gtk_text_view_new
gtk_text_view_set_editable
gtk_text_view_set_left_margin
gtk_text_view_set_right_margin
gtk_text_view_set_wrap_mode
gtk_toggle_button_get_active
gtk_toggle_button_get_type
gtk_toggle_button_set_active
gtk_tree_model_get
gtk_tree_model_get_iter_from_string
gtk_tree_model_get_string_from_iter
gtk_tree_model_get_type
gtk_tree_path_free
gtk_tree_path_new_from_string
gtk_tree_selection_get_selected
gtk_tree_selection_select_path
gtk_tree_store_append
gtk_tree_store_new
gtk_tree_store_set
gtk_tree_view_append_column
gtk_tree_view_collapse_all
gtk_tree_view_collapse_row
gtk_tree_view_column_new
gtk_tree_view_column_new_with_attributes
gtk_tree_view_expand_row
gtk_tree_view_expand_to_path
gtk_tree_view_get_column
gtk_tree_view_get_selection
gtk_tree_view_get_type
gtk_tree_view_new_with_model
gtk_tree_view_remove_column
gtk_tree_view_row_expanded
gtk_tree_view_scroll_to_cell
gtk_tree_view_set_enable_search
gtk_tree_view_set_model
gtk_vbox_new
gtk_widget_destroy
gtk_widget_get_type
gtk_widget_grab_focus
gtk_widget_hide
gtk_widget_set_can_focus
gtk_widget_set_size_request
gtk_widget_show
gtk_widget_size_request
gtk_window_get_screen
gtk_window_get_size
gtk_window_get_type
gtk_window_move
gtk_window_resize

libpng16-16

png_create_info_struct
png_create_read_struct
png_create_write_struct
png_destroy_read_struct
png_destroy_write_struct
png_get_IHDR
png_get_valid
png_init_io
png_read_end
png_read_image
png_read_info
png_read_update_info
png_set_IHDR
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_gray_to_rgb
png_set_longjmp_fn
png_set_palette_to_rgb
png_set_sig_bytes
png_set_tRNS_to_alpha
png_sig_cmp
png_write_end
png_write_image
png_write_info

zlib1

compress
uncompress

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 845KB - Virtual size: 844KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

43db909f14aa26159b3bbbc7b43e7a0b

Headers

File Characteristics

Imports

libgcc_s_seh-1

gdi32

kernel32

msvcrt

psapi

libwinpthread-1

shell32

user32

libgomp-1

libstdc++-6

libgimp-2.0-0

libgimpui-2.0-0

libgimpwidgets-2.0-0

libcurl-4

libfftw3-3

libgdk-win32-2.0-0

libgdk_pixbuf-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-win32-2.0-0

libpng16-16

zlib1

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 10KB - Virtual size: 10KB

.rdata Size: 845KB - Virtual size: 844KB

.pdata Size: 27KB - Virtual size: 26KB

.xdata Size: 177KB - Virtual size: 176KB

.bss Size: - Virtual size: 5KB

.idata Size: 20KB - Virtual size: 19KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 104B

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 10KB - Virtual size: 10KB

.rdata
Size: 845KB - Virtual size: 844KB

.pdata
Size: 27KB - Virtual size: 26KB

.xdata
Size: 177KB - Virtual size: 176KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 20KB - Virtual size: 19KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 104B

.rsrc
Size: 10KB - Virtual size: 9KB