2b4f2564baae608fb08603cbd3107c20N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2b4f2564baae608fb08603cbd3107c20N.exe
Size

1.4MB
MD5

2b4f2564baae608fb08603cbd3107c20
SHA1

63f6d1142c9b0185e6014e61ca6e2431a97fdbbd
SHA256

920a8abcdd83236e19b22dd10c97e06a74741e516b6a04c4ae1df2dec00a9961
SHA512

1194704dddeecdb57220609a6ce5e7676a49230c355a4ce9d2b9a7c7353fdeebb596a078afa4ed73987e941ee57f0daa395b8cd990e32251becc9b6103e59982
SSDEEP

24576:ZD5FsFFP4MshV8DrG67nizc2R1ERdz0Bk6GrPxNsHyjVOXUbZ:ZbOy1zIg1ERWvGr5N7Rb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b4f2564baae608fb08603cbd3107c20N.exe

Files

2b4f2564baae608fb08603cbd3107c20N.exe
.dll regsvr32 windows:6 windows x86 arch:x86

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msjet40.pdb

Imports

mswstr10

ord2
ord4
ord1

advapi32

GetUserNameA
OpenThreadToken
SetThreadToken
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExW

kernel32

SetEnvironmentVariableA
ReadConsoleW
GetDriveTypeA
SetStdHandle
DisableThreadLibraryCalls
CreateFileA
DeleteFileA
CloseHandle
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLocalTime
GetTickCount
VirtualAlloc
VirtualFree
VirtualQuery
FreeLibrary
GetProcAddress
GetTempPathA
GetUserDefaultLCID
FindClose
FindFirstFileA
Sleep
LoadLibraryExA
GetLocaleInfoA
FlushFileBuffers
GetFileInformationByHandle
GetFileSize
GetFileType
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
HeapAlloc
HeapFree
GetProcessHeap
SetThreadPriority
ResumeThread
GetSystemInfo
GlobalMemoryStatus
GetComputerNameA
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
WideCharToMultiByte
GetNumberFormatA
GetCurrencyFormatA
CreateFileW
DeleteFileW
FindFirstFileW
SetFilePointerEx
GetDriveTypeW
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
GetTempPathW
SetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GetShortPathNameA
GetTempFileNameA
GetComputerNameW
GetLocaleInfoW
IsDBCSLeadByte
GetCurrentThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
HeapReAlloc
EncodePointer
DecodePointer
RtlUnwind
GetStdHandle
GetModuleHandleExW
WriteConsoleW
RaiseException
ExitThread
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
AreFileApisANSI
GetTimeZoneInformation
HeapSize
OutputDebugStringW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode

ole32

CoCreateGuid
CoCreateInstance

oleaut32

SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysStringLen

user32

CharUpperW
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
TranslateMessage
CharUpperA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mswstr10

advapi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 29KB - Virtual size: 304KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 171KB - Virtual size: 171KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 29KB - Virtual size: 304KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 171KB - Virtual size: 171KB