2f3cce22c49de92c4e60c253a217618a6bb91f0efbac184105f1bb93be9273da

Sharing

Copy URL Twitter E-mail

General

Target

2f3cce22c49de92c4e60c253a217618a6bb91f0efbac184105f1bb93be9273da
Size

6.7MB
MD5

ba2198d37bdc9c3fd77a79b85886543e
SHA1

4d4b7617854b81dbb247e716dcb085e81cf0abcf
SHA256

2f3cce22c49de92c4e60c253a217618a6bb91f0efbac184105f1bb93be9273da
SHA512

e85470ea887de33979c7d029a0cdda8442e46fbf52418aa5a7545d94bf16eb24105e758d79deca474829c7037890d2efb4cbe8dacb190de76971585ad1752006
SSDEEP

196608:Gyj9EgGbrgQuGFhOz18ZKontIATF/2wI0iCNChPIIQGM:TIM6hOz0KotSwLXEIIQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f3cce22c49de92c4e60c253a217618a6bb91f0efbac184105f1bb93be9273da

Files

2f3cce22c49de92c4e60c253a217618a6bb91f0efbac184105f1bb93be9273da
.exe windows:6 windows x86 arch:x86

d4810a9f2d04d98587a0baa18e7fbcfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleW
WriteConsoleW
SetStdHandle
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
OutputDebugStringW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
WriteFile
GetStdHandle
GetOEMCP
GetACP
IsDebuggerPresent
GetProcessHeap
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
LoadLibraryW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
SetEvent
CreateTimerQueue
HeapAlloc
ExitThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
RtlUnwind
RaiseException
HeapReAlloc
GetLastError
GetStringTypeW
MultiByteToWideChar
DecodePointer
CreateFileW
CreateThread
DeleteFileA
TlsFree
ExitProcess
GetThreadTimes
GetCurrentProcessId
DeleteCriticalSection
GetModuleHandleA
FindNextFileA
GetLocalTime
ResetEvent
GlobalFree
SetLastError
IsDBCSLeadByteEx
FindFirstFileA
GlobalUnlock
GetStartupInfoW
CompareStringW
GetOverlappedResult
GetSystemDirectoryA
TerminateProcess
Beep
LeaveCriticalSection
Sleep
InitializeCriticalSectionAndSpinCount
SetCommState
ClearCommBreak
ExpandEnvironmentStringsA
GetCurrentThread
ConnectNamedPipe
SetHandleInformation
HeapFree
GetEnvironmentStringsW
QueryPerformanceCounter
SetEnvironmentVariableW
GetCurrentProcess
WaitNamedPipeA
GetCommState
SetEndOfFile
GetLocaleInfoA
GetDateFormatW
FindClose
WideCharToMultiByte
OpenFileMappingA
TlsAlloc
GetModuleFileNameA
CreateEventW
GetFileType
CreateFileMappingA
LoadLibraryA
EnterCriticalSection
IsValidCodePage
FlushFileBuffers
GetModuleFileNameW
CreateProcessA
MulDiv
GetSystemTimeAdjustment
CreateEventA
GetProcessTimes
WaitForSingleObjectEx
WaitForSingleObject
GetModuleHandleExW
SetDllDirectoryW
LoadLibraryExW
FreeLibrary
VirtualQuery
UnmapViewOfFile
MapViewOfFile
CreateFileA
GetEnvironmentVariableW
GetCommandLineW
EncodePointer
GetSystemTimeAsFileTime
CloseHandle
DuplicateHandle
GetCurrentThreadId
GetExitCodeThread

user32

ShowOwnedPopups
EndPaint
SetCursor
SetTimer
HideCaret
GetWindowRect
CreateDialogParamA
GetMessageW
PostQuitMessage
TrackPopupMenu
SetKeyboardState
SetCapture
DeleteMenu
RemovePropA
GetWindowInfo
SetParent
SetFocus
GetWindowTextLengthA
GetWindowTextA
MessageBoxA
PeekMessageA
SetClassLongA
DrawStateW
DefWindowProcA
RedrawWindow
DestroyCaret
ShowWindow
DrawMenuBar
CreateWindowExW
InsertMenuA
ValidateRgn
SendMessageW
UpdateWindow
GetDlgItemTextA
GetCaretBlinkTime
SetScrollInfo
ValidateRect
GetWindowThreadProcessId
MessageBoxW
ToAsciiEx
ClientToScreen
DestroyWindow
MapDialogRect
SendDlgItemMessageA
IsIconic
MsgWaitForMultipleObjects
DrawIconEx
LoadStringA
GetParent
CreateMenu
CreateIconIndirect
WaitMessage
GetDC
CreateDialogIndirectParamA
OffsetRect
GetKeyboardLayout
GetScrollInfo
GetWindowLongA
ReleaseDC
EndDialog
DestroyCursor
GetDesktopWindow
SetMenu
IsDlgButtonChecked
CreateCaret
PostMessageA
RemoveMenu
CheckRadioButton
SystemParametersInfoA
ScrollWindowEx
SetCaretPos
SetWindowTextA
DrawFrameControl
CheckMenuItem
RegisterClassA
IsRectEmpty
TranslateMDISysAccel

gdi32

GetBitmapBits
ExtCreatePen
CreatePolygonRgn
PolyPolygon
SetLayout
BitBlt
Arc
GetTextExtentPoint32A
SetViewportOrgEx
SetTextColor
MaskBlt
CreateFontA
GetDIBits
ExcludeClipRect
CreateHalftonePalette
GetRgnBox
SetPixel
CreatePalette
CreateBitmap
GetPaletteEntries
SelectClipRgn
PtInRegion
CreatePenIndirect
CreateCompatibleDC
PolyPolyline
RectInRegion
Rectangle
CreateBrushIndirect
RealizePalette
GetTextExtentExPointA
GetCharABCWidthsW
SetStretchBltMode
CreateRectRgn
GetCharWidth32A
GetTextExtentPointA
GetSystemPaletteEntries
CreatePatternBrush
CreatePen
RectVisible
SetTextAlign
CloseEnhMetaFile
RestoreDC
TextOutA
SetWindowOrgEx
EndPage
ExtFloodFill
CreateHatchBrush
GetDeviceCaps
GdiFlush
GetEnhMetaFileHeader
GetRegionData
PlayEnhMetaFile
CombineRgn
ExtCreateRegion
GetObjectType
SetPaletteEntries
GetCharABCWidthsFloatA
GetClipBox
SetROP2
UpdateColors
SelectPalette

advapi32

GetUserNameA
RegOpenKeyExW
AllocateAndInitializeSid
RegOpenKeyExA
RegDeleteKeyA
CopySid
AdjustTokenPrivileges
SetSecurityDescriptorOwner
LookupPrivilegeValueW
RegQueryValueExW
EqualSid

shell32

ShellExecuteExW

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gnWQE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4810a9f2d04d98587a0baa18e7fbcfb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 738KB - Virtual size: 737KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.gnWQE Size: 3KB - Virtual size: 3KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 738KB - Virtual size: 737KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.gnWQE
Size: 3KB - Virtual size: 3KB

.reloc
Size: 17KB - Virtual size: 17KB