ReaperPluginEntry
Static task
static1
Behavioral task
behavioral1
Sample
2bbc0dd173241c8181c8172d9d398eb0N.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2bbc0dd173241c8181c8172d9d398eb0N.dll
Resource
win10v2004-20240709-en
General
Target: 2bbc0dd173241c8181c8172d9d398eb0N.exe
Size: 98KB
MD5: 2bbc0dd173241c8181c8172d9d398eb0
SHA1: 70ac61547a536ec7b3b7b64baf6b6d8fb82c82d1
SHA256: 126f62225488b26e195910e970b4d414c061a7d7d1b4e7c7769445ed52b1ecbd
SHA512: 93845f5a2425d5877203167116e5d679dd88195b3b460812337d73a1feca8c5620292d3292b680ad776d42c4e07bd408fd99b514a0ff305372924f1050a7c3b8
SSDEEP: 1536:C/uWh+OwgrxRRb0bWMamX7avY11xbX7CTb27k1fOuowTE5z4LId:Y+Bw2bBQY1197RklOuowszaq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bbc0dd173241c8181c8172d9d398eb0N.exe
Files
2bbc0dd173241c8181c8172d9d398eb0N.exe.dll windows:4 windows x86 arch:x86
a8c42451e16d1cadf20abf237454d319
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetCurrentThreadId
LoadLibraryA
DeleteFileA
DeleteFileW
CreateFileA
CreateFileW
ReadFile
CloseHandle
TerminateProcess
Sleep
GetExitCodeProcess
CreateProcessA
CreatePipe
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
UnmapViewOfFile
GetFileSize
CreateEventA
SetFilePointer
GetOverlappedResult
ResetEvent
DeviceIoControl
GetDriveTypeA
WriteFile
SetStdHandle
IsBadCodePtr
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
GetCurrentProcess
TlsGetValue
SetLastError
TlsFree
TlsAlloc
GetProcAddress
RtlUnwind
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FlushFileBuffers
GetModuleFileNameA
GetModuleHandleA
RaiseException
GetVersion
GetCommandLineA
ExitThread
TlsSetValue
CreateThread
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
HeapAlloc
LocalFree
HeapFree
user32
SetDlgItemInt
EnableWindow
GetDlgItemInt
DialogBoxParamA
CreateDialogParamA
GetParent
PostMessageA
SendDlgItemMessageA
CheckDlgButton
wsprintfA
IsDlgButtonChecked
RemovePropA
CallWindowProcW
CallWindowProcA
GetPropA
GetWindowLongW
SetPropA
SendMessageA
MessageBoxW
MessageBoxA
GetWindowLongA
SetWindowLongA
GetDlgItem
EndDialog
ole32
CoInitialize
CoCreateInstance
oleaut32
SysFreeString
Exports
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ