b2a6470ce3616377b37ee409f436cba0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b2a6470ce3616377b37ee409f436cba0N.exe
Size

138KB
MD5

b2a6470ce3616377b37ee409f436cba0
SHA1

5d67e7f4dcf2041cd82fe1a6a0e990b00df399d2
SHA256

52950ef99420d98c8421a9eb06ba25be21317d4a3cac05fa8d30f81dbf3f0d5a
SHA512

73caf00c42726106abe3f8c742ef8df512ed6f8fdc08edf6e9f17a824f92d74b5e5c6a0d103a5ec385d424862da495da237fe31d1fdfa8bedbcc764e9c44d8c3
SSDEEP

3072:JtU6vf/J02htiG3Qn6Nta9jvOE9TCm5N3knlF5bt:XU6vHJ02St9l5N3klF5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2a6470ce3616377b37ee409f436cba0N.exe

Files

b2a6470ce3616377b37ee409f436cba0N.exe
.dll windows:6 windows x86 arch:x86

11ae71b1091f2c341bfe2f15e62c277e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeKillEvent
timeSetEvent
mmioOpenW
mmioRead
timeBeginPeriod
mmioClose
mmioAscend
mmioDescend
mmioSeek
timeEndPeriod
timeGetTime

kernel32

IsDebuggerPresent
lstrlenW
lstrcpynW
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
ReleaseSemaphore
WaitForMultipleObjects
InitializeCriticalSection
WaitForSingleObject
GetCurrentThreadId
CreateEventW
SetEvent
CloseHandle
GetSystemInfo
ResetEvent
DeleteCriticalSection
InitializeSListHead
lstrcmpW
LoadLibraryW
FreeLibrary
GetLastError
GetProcAddress
SetThreadPriority
GetModuleFileNameW
GetModuleHandleW
Sleep
GetCurrentThread
GetThreadPriority
GetTickCount
VerSetConditionMask
VerifyVersionInfoW
UnmapViewOfFile
GetCurrentProcessId
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
DisableThreadLibraryCalls
lstrcmpiW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
VirtualQuery
SetUnhandledExceptionFilter
CreateSemaphoreW
UnhandledExceptionFilter
VirtualProtect
RaiseException
LoadLibraryExA

user32

ShowWindow
GetWindowPlacement
RegisterClassExW
UnregisterClassW
GetSystemMetrics
CreateWindowExW
SetWindowPos
MonitorFromPoint
DefWindowProcW
GetWindowLongW
EndPaint
LoadIconW
OffsetRect
MoveWindow
SetWindowTextW
SystemParametersInfoW
DestroyWindow
UpdateWindow
MsgWaitForMultipleObjects
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
GetQueueStatus
PostThreadMessageW
LoadCursorW
GetMonitorInfoW
TranslateMessage
SetWindowPlacement
SetWindowLongW
BeginPaint
IsZoomed
SendMessageW

gdi32

GetStockObject

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegSetValueExW
RegEnumValueW
RegCloseKey

ole32

PropVariantClear
StringFromGUID2
CoTaskMemFree
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoInitializeEx
CLSIDFromString

msvcp140

?_Xlength_error@std@@YAXPBD@Z

vcruntime140

_except_handler4_common
memmove
memset
__std_type_info_destroy_list
_CxxThrowException
__std_exception_copy
__std_exception_destroy
wcsrchr
__std_terminate
_purecall
__CxxFrameHandler3
memcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnwprintf_s

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-string-l1-1-0

wcstok_s
_wcsdup
wcsncpy_s
wcsncat_s
_wcsicmp

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_beginthreadex
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

Exports

Exports

kpi_CreateInstance

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11ae71b1091f2c341bfe2f15e62c277e

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

ole32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 11KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 7KB - Virtual size: 7KB