0c6ce702fcb8a11109a2fdac76b125fc00eda0611ec7df3609534ec8f9f9ecf9

Sharing

Copy URL Twitter E-mail

General

Target

0c6ce702fcb8a11109a2fdac76b125fc00eda0611ec7df3609534ec8f9f9ecf9
Size

405KB
MD5

e014269bf8919267d155f14438a378c6
SHA1

f492b47bb8a9dd3ae2c8b47f20fda4bf9fc4c825
SHA256

0c6ce702fcb8a11109a2fdac76b125fc00eda0611ec7df3609534ec8f9f9ecf9
SHA512

c063fa4ecbcccdd474f89214e68815f35cf70f196dd288b9e10a3e5ffb880828a0fdb176abd5a40153a79f7f455085d199722bd45e1883bcd108d742b570d48b
SSDEEP

12288:ynmavjnKQ/81KUGkIV3pvkUPBbSaS7oGKbbywBKtsMree:IjnKe81n8GwbSj7o56qKtsMSe

Score

N/A

Malware Config

Signatures

Files

0c6ce702fcb8a11109a2fdac76b125fc00eda0611ec7df3609534ec8f9f9ecf9
.zip
bit_che_install.exe
.exe windows x86

681ea0c8082f3c8f8b10bc6c4383830c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexW
CreateProcessW
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileW
FormatMessageW
GetCommState
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceW
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTempFileNameA
CreateEventA
GetTickCount
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapFree
InitializeCriticalSection
IsDBCSLeadByte
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenProcess
QueryPerformanceCounter
ReadFile
ResetEvent
SetCommState
SetCommTimeouts
SetCurrentDirectoryW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrcpyW
lstrlenW
CreateDirectoryW
CreateDirectoryA
CopyFileW
CloseHandle
GetDriveTypeA
GetModuleHandleW
GetTempPathA
VirtualAllocEx

user32

GetSysColor
LoadCursorA

gdi32

DeleteEnhMetaFile
AddFontResourceW
CreateFontIndirectW
GetDeviceCaps

advapi32

RegOpenKeyExA
RegQueryValueExW

ole32

OleUninitialize
OleInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromString

msvcrt

wcsrchr
wcsncpy
wcslen
wcscpy
wcschr
wcscat
towlower
strtoul
setlocale
_XcptFilter
__getmainargs
__lconv_init
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_exit
_ftol
_initterm
_mbschr
_mbsinc
_mbsrchr
_wcsicmp
_wcsnicmp
_wtoi
exit
free
iswspace
memmove

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

681ea0c8082f3c8f8b10bc6c4383830c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 2KB - Virtual size: 2KB