new bomani[.]exe | Triage

Resubmissions

30-03-2022 09:01

220330-ky7kssbab7 9

Sharing

General

Target

new bomani.exe
Size

78KB
MD5

1a75e7dd18a7186ca44fcf27eb94c4aa
SHA1

049917bb6e78a990f753119e36015c540d51d28f
SHA256

bbad11dfe76b92735648bce03bc5e163e235120d1114391be78665f8c2f14c94
SHA512

8fc7ec6637279dab404cba57c913bfa095de487b2217e7aab9d8653644649e5a2c50882f9ee825f4b0403b45257114d6e6e65e6f2f2e947aa7e00b762ebaa258

Score

N/A

Malware Config

Signatures

Files

new bomani.exe
.exe windows x86

4a8f67626a33a905f2be5e56249b73ee

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
OpenProcess
GetFileSizeEx
CloseHandle
lstrcmpiW
CreateFileW
VirtualAlloc
VirtualFree
GetProcAddress
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
LoadLibraryW
GetLastError
WriteFile
ReadFile
SetEndOfFile
SetFilePointerEx
lstrlenW
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
SetFileAttributesW
GetFileAttributesW
MoveFileExW
LocalFree
GetCurrentProcess
GetCurrentProcessId
ExitProcess
CreateThread
GetCurrentThread
SetThreadPriority
CreateIoCompletionPort
PostQueuedCompletionStatus
WaitForMultipleObjects
Sleep
GetLogicalDrives
SetFilePointer
lstrcatW
GetModuleFileNameW
GetCommandLineW
GetEnvironmentVariableW
GetDriveTypeW
QueryDosDeviceW
CopyFileW
MoveFileW
SetPriorityClass
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
SetVolumeMountPointW
GetVolumePathNamesForVolumeNameW
ExitThread
GetQueuedCompletionStatus
FindClose
FindFirstFileW
FindNextFileW

Sections

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE