build2[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

build2.exe
Size

1.4MB
MD5

35f21b7e89b981c7a83a2fa5c834d154
SHA1

5eb4dd6d3e659360c48d1c34ba16d29244cfca1e
SHA256

c06a6c292aecf86af2feaaa4c13a4ce305c04a37823daf76dda71e9e790507d3
SHA512

ff034daf566d5675c05ae86441c96119df66183d005628cae1a002b361694b76bc9cacbfb243001d0cf37ad3b95c135945d7c4626ec12f382fac7e91cc6b9fae
SSDEEP

24576:xmI7etHLvLEh0UzA2NfTNTrStsycFWO0EWqTMSay7ty8g9In1rY:/6tXEh0UzA2NfTNTrSts9W+WRRytg9Ia

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

build2.exe

resource
build2.exe

Files

build2.exe
.exe windows:4 windows x86 arch:x86

ed794b16380bcc81cb03fc61693c9d94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
CreateThread
TerminateThread
FindFirstFileW
FindClose
FormatMessageW
GetEnvironmentVariableW
GetComputerNameW
GetLocaleInfoW
Sleep
LocalFree
CreateMutexW
MulDiv
lstrcpynW
OutputDebugStringA
GetLocalTime
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateDirectoryW
GetUserDefaultLangID
GetFileAttributesW
InitializeCriticalSection
DeleteCriticalSection
GlobalHandle
FreeResource
DeleteFileW
lstrcmpW
lstrcatW
CopyFileW
GetTempPathW
GetTimeZoneInformation
GetModuleFileNameW
GetModuleHandleW
GetCurrentThreadId
GetVersionExW
GlobalReAlloc
FindResourceW
LoadResource
LockResource
FreeLibrary
LoadLibraryW
GetProcAddress
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetLastError
WriteFile
CreateFileW
GetFileSize
ReadFile
CloseHandle
OutputDebugStringW
lstrcmpiW
GlobalSize
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetCurrentProcess
FlushInstructionCache
lstrcpyW
InterlockedExchange

user32

GetWindowRect
IsWindowVisible
FindWindowExW
PtInRect
GetCursorPos
ScreenToClient
GetWindowTextW
GetDlgCtrlID
GetScrollPos
SetWindowTextW
GetKeyState
SetFocus
LoadCursorW
SendMessageW
RegisterClassExW
CreateWindowExW
LoadImageW
GetWindowLongW
GetSysColor
DefWindowProcW
CallWindowProcW
SetMenuItemInfoW
EndDialog
SystemParametersInfoW
CharNextW
EnumClipboardFormats
GetClipboardFormatNameW
GetClipboardData
MessageBoxW
RegisterClipboardFormatW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowLongW
EnumChildWindows
CharLowerW
SetParent
CopyRect
DestroyWindow
PostQuitMessage
KillTimer
GetActiveWindow
SetTimer
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CreateDialogParamW
GetSystemMetrics
MapWindowPoints
GetSysColorBrush
ReleaseDC
GetDC
GetClientRect
GetDlgItem
LoadBitmapW
SetWindowPos
ShowWindow
IsDialogMessageW
GetParent
IsChild
GetFocus
TrackPopupMenuEx
DestroyMenu
GetWindow
CreateDialogIndirectParamW
GetClassInfoExW
RegisterWindowMessageW
GetWindowTextLengthW
EndPaint
FillRect
BeginPaint
IsWindow
RedrawWindow
GetClassNameW
GetDesktopWindow
CreateAcceleratorTableW
wsprintfW
LoadStringW
ReleaseCapture
GetIconInfo
SetCapture
DrawAnimatedRects
DestroyIcon
CopyImage
GetKeyboardState
MessageBoxA
DrawEdge
GetCapture
SetCursor
GetMessagePos
GetSubMenu
SetRectEmpty
GetWindowPlacement
RegisterHotKey
UnregisterHotKey
UnhookWindowsHookEx
SetDlgItemTextW
GetDlgItemTextW
EnableWindow
IsCharLowerW
SendMessageA
EnableMenuItem
CheckMenuItem
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
GetCaretPos
SetRect
SetForegroundWindow
SetActiveWindow
GetMenuItemRect
GetMenuItemCount
GetMenuState
GetMenuItemID
CreatePopupMenu
CharUpperW
keybd_event
MapVirtualKeyW
DialogBoxParamW
GetDlgItemInt
UpdateWindow
LoadIconW
LoadAcceleratorsW
EnumWindows
SendMessageTimeoutW
AppendMenuW
DrawFocusRect
InflateRect
IntersectRect
IsRectEmpty
ClientToScreen
MoveWindow
PostMessageW
SetWindowsHookExW
CallNextHookEx
GetWindowDC
GetMenuItemInfoW
OffsetRect
SetPropW
InvalidateRgn
DrawTextW
InvalidateRect
CreateIconIndirect

gdi32

LPtoDP
RestoreDC
LineTo
MoveToEx
CreatePen
SaveDC
DPtoLP
CreatePatternBrush
SetBitmapBits
GetBitmapBits
SetPixel
GetPixel
SetWindowOrgEx
GetBkColor
ExcludeClipRect
SetPixelV
GetTextExtentPoint32W
OffsetWindowOrgEx
GetClipBox
CreateSolidBrush
GetDeviceCaps
CreateDCW
CreateEnhMetaFileW
CloseEnhMetaFile
SelectPalette
RealizePalette
CreateCompatibleBitmap
GetCurrentObject
CreateBitmap
GetStockObject
SetBkMode
SetTextColor
GetDIBits
GetObjectW
CreateDIBSection
CreateCompatibleDC
SelectObject
SetBkColor
ExtTextOutW
CreateFontIndirectW
DeleteObject
BitBlt
DeleteDC
PatBlt

comdlg32

GetOpenFileNameW

advapi32

CryptAcquireContextW
CryptDestroyHash
CryptReleaseContext
CryptHashData
CryptGetHashParam
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyW
GetUserNameW
CryptCreateHash
OpenProcessToken
GetTokenInformation
RegOpenKeyExW

shell32

SHGetFileInfoW
SHAppBarMessage
Shell_NotifyIconW
SHGetDesktopFolder
ord25
ord155
SHGetMalloc
ExtractIconExW
SHGetSpecialFolderPathW
ShellExecuteW
ShellExecuteExW

ole32

RegisterDragDrop
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
OleInitialize
OleUninitialize
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
OleLockRunning
CoTaskMemAlloc
DoDragDrop
CoTaskMemFree

oleaut32

VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringLen
SafeArrayDestroy
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysStringLen
LoadRegTypeLi
DispCallFunc
VariantClear
SysFreeString
SystemTimeToVariantTime

comctl32

ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Create
ImageList_Add
ImageList_Draw
ord17
ImageList_LoadImageW
InitCommonControlsEx
ImageList_DrawEx

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed794b16380bcc81cb03fc61693c9d94

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 233KB - Virtual size: 232KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 72KB - Virtual size: 242KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 233KB - Virtual size: 232KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 72KB - Virtual size: 242KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB