2dc30ed2c7e41b5b566a20fd46dbfe3fe4cd852058c48958fc6d22e64fce4360N

Sharing

Copy URL Twitter E-mail

General

Target

2dc30ed2c7e41b5b566a20fd46dbfe3fe4cd852058c48958fc6d22e64fce4360N
Size

267KB
MD5

f7d2dd2c77ffb0cdb499c513eef25050
SHA1

dcd0a3a9e9fb5d619cac838e8715fc7530d2ce2c
SHA256

2dc30ed2c7e41b5b566a20fd46dbfe3fe4cd852058c48958fc6d22e64fce4360
SHA512

411573fc3782feb3547acf4a45026262b140e2ce3b44e7d12dbee95b44d282affb4be175b78dfe0c2bf876c6eaf18e7ffaf505a4b89824e01638b1bbb902fcca
SSDEEP

6144:ycBNyFLJeBaXEs+MKdWrBTLj+9XxV7ZEMOq3h:Fm/eq+MHJKxxDEDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dc30ed2c7e41b5b566a20fd46dbfe3fe4cd852058c48958fc6d22e64fce4360N

Files

2dc30ed2c7e41b5b566a20fd46dbfe3fe4cd852058c48958fc6d22e64fce4360N
.exe windows:4 windows x86 arch:x86

ae1ee75bca4710982e83c532d347b7c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalHandle
GlobalReAlloc
HeapAlloc
InitializeCriticalSection
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LocalReAlloc
LockResource
QueryPerformanceCounter
GetVersion
SetErrorMode
SetFileAttributesW
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsFree
TlsGetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpA
lstrcmpW
lstrlenW
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStringTypeA
GetProcessPriorityBoost
GetProcessHeap
GetOEMCP
GetModuleHandleA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileTime
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleMode
GetCommandLineA
GetCPInfo
GetBinaryTypeW
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FindResourceW
FindClose
FileTimeToLocalFileTime
EnumSystemLocalesA
DuplicateHandle
CreateHardLinkA
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale
CompareStringW
ReadFile
CloseHandle

user32

GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetRect
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
GetSysColorBrush
UpdateWindow
ValidateRect
WinHelpW
BeginPaint
CallNextHookEx
CharNextW
CharUpperW
ClientToScreen
CopyAcceleratorTableW
GetWindowRect
CopyRect
CreateWindowExW
DefWindowProcW
DestroyMenu
DestroyWindow
DispatchMessageW
DrawTextExW
GetSysColor
GetSubMenu
GetQueueStatus
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
GetWindowDC
GetWindow
GetTopWindow
UnregisterClassW
GetSystemMetrics

comdlg32

PageSetupDlgA
GetFileTitleW
ChooseFontW
dwLBSubclass

wininet

HttpSendRequestW
GetUrlCacheEntryInfoExW
GetUrlCacheGroupAttributeA
HttpOpenRequestW
GetUrlCacheEntryInfoW
InternetGetLastResponseInfoW
InternetReadFile
InternetOpenW

gdi32

TextOutW
StartPage
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetMapMode
SetBkColor
SelectObject
OffsetViewportOrgEx
GetWindowExtEx
CreateBitmap
GetTextColor
GetStockObject
GetMapMode
GetDeviceCaps
GetClipBox
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
GetViewportExtEx

advapi32

RegSetValueExW
RegQueryValueW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegCloseKey
OpenTraceW
GetTrusteeTypeW
ElfRegisterEventSourceW
RegisterEventSourceW

shell32

SHGetSpecialFolderPathW
SHGetSettings
SHGetFolderPathW
ShellExecuteW

winspool.drv

OpenPrinterW
GetPrintProcessorDirectoryW
EnumPrinterDataW
DocumentPropertiesW
ClosePrinter

oleaut32

SafeArrayDestroy
SysAllocString
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VarDecFromBool
VarR8Pow
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime
OleCreateFontIndirect

Sections

.text
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae1ee75bca4710982e83c532d347b7c4

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

wininet

gdi32

advapi32

shell32

winspool.drv

oleaut32

Sections

.text Size: 55KB - Virtual size: 56KB

.rdata Size: 149KB - Virtual size: 152KB

.data Size: 33KB - Virtual size: 148KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 55KB - Virtual size: 56KB

.rdata
Size: 149KB - Virtual size: 152KB

.data
Size: 33KB - Virtual size: 148KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 21KB - Virtual size: 23KB