2b377d9b46b8919c45b5bf3e0feceabb9198e5b7b6d375eb9f793eb40ce6030a

Sharing

Copy URL Twitter E-mail

General

Target

2b377d9b46b8919c45b5bf3e0feceabb9198e5b7b6d375eb9f793eb40ce6030a
Size

553KB
MD5

8302053b8d3d5fe47f7c5aecbbef8927
SHA1

c8c10b771be1b35add99b853c09e4eed4e05f41a
SHA256

2b377d9b46b8919c45b5bf3e0feceabb9198e5b7b6d375eb9f793eb40ce6030a
SHA512

4f0eb97029b379cae7bff10c7f629ff4b3a06918fdbeaa53ef9276cd17b493006712eea182d8d85135037ff20849fc408ad18786fba24e9f971c9beed9277a1a
SSDEEP

12288:VNmQBh3Y6v70rmKKeywbyT3HbH6SZYj6QCZyH9:VDAqwywy3HT6K+SMH9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b377d9b46b8919c45b5bf3e0feceabb9198e5b7b6d375eb9f793eb40ce6030a

Files

2b377d9b46b8919c45b5bf3e0feceabb9198e5b7b6d375eb9f793eb40ce6030a
.exe windows:6 windows x86 arch:x86

63116f7a42fe8df1c9eea2fdcc9b7efd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\code\lib_common\webview\Release\TestJsBasic.pdb

Imports

kernel32

IsBadReadPtr
lstrcmpiW
LoadLibraryExW
SetUnhandledExceptionFilter
GetCurrentProcess
SetLastError
VirtualProtect
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
GetProcAddress
HeapDestroy
DecodePointer
FreeLibrary
FindResourceW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
LoadResource
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
SetEndOfFile
SetStdHandle
GetCurrentProcessId
CloseHandle
HeapAlloc
WaitForSingleObject
FindResourceExW
LoadLibraryW
RaiseException
HeapReAlloc
LockResource
GetLastError
MultiByteToWideChar
HeapSize
GetCurrentThreadId
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
GetModuleHandleExW
ExitProcess
GetTimeZoneInformation
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetFileType
GetFileAttributesExW
InitializeCriticalSectionEx
LeaveCriticalSection
RtlUnwind
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
GetModuleFileNameW
GetCommandLineW
EnterCriticalSection
HeapFree
GetCommandLineA
SizeofResource
ResetEvent
SetEvent
FlushFileBuffers
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
FormatMessageW
WideCharToMultiByte
GetStringTypeW
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
InitializeCriticalSection
DeleteFileW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
GetFileSizeEx
ReadFile
ReleaseMutex
CreateMutexW
LocalFree
FindClose
FindNextFileW
WriteFile

user32

SetTimer
ShowWindow
SetWindowLongW
KillTimer
PostQuitMessage
SetWindowTextW
GetMessageW
CreateWindowExW
RegisterClassExW
DispatchMessageW
PeekMessageW
CharNextW
TranslateMessage
LoadCursorW
GetClassInfoExW
GetWindowLongW
DefWindowProcW
CallWindowProcW
wsprintfW
PostMessageW
DestroyWindow
SetWindowPos
UnregisterClassW

gdi32

SetBkColor
ExtTextOutW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW

shell32

ShellExecuteExW

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr

shlwapi

StrStrIW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
PathIsDirectoryW

comctl32

InitCommonControlsEx

urlmon

URLDownloadToCacheFileW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

Sections

.text
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63116f7a42fe8df1c9eea2fdcc9b7efd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

urlmon

version

crypt32

wintrust

Sections

.text Size: 338KB - Virtual size: 338KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 11KB - Virtual size: 16KB

.rsrc Size: 92KB - Virtual size: 92KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 338KB - Virtual size: 338KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 11KB - Virtual size: 16KB

.rsrc
Size: 92KB - Virtual size: 92KB

.reloc
Size: 17KB - Virtual size: 16KB