TBKT[.]exe[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

TBKT.exe.bin
Size

220KB
MD5

5ab30f7ecf7f73153076b1f82c25b28b
SHA1

d30d71588cd0fd73b438839da6460f61fc3f0467
SHA256

d285be7d4e981760b4f362918048b41ca47e4a4bf9212fd4c520a87bd0f31eb7
SHA512

9b19501691d7fbabe03d11025cf7bad2dd7a8d1f39cb3ea117bb94bc77cd5f5064bcad3969a485e3a3492becc84c618ac7a9d920fc8f22ff91fd903f0e832b22
SSDEEP

3072:blrjRTKND84A5TKN+Jij+nJHAn4IsSSPTKNShfXuCodPSfe8XS:bpjRTKZe5TK8e+bTKAhXu9dy

Score

N/A

Malware Config

Signatures

Files

TBKT.exe.bin
.exe windows x64

bfd1c5c8b2747366ef2c535fe61b3553

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

GetUserNameA
RegCloseKey
RegOpenKeyA
RegQueryValueExA

kernel32

AddVectoredExceptionHandler
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindFirstFileA
FindNextFileA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
OpenProcess
Process32First
Process32Next
QueryPerformanceCounter
ReadFile
RemoveVectoredExceptionHandler
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetFileAttributesA
SetFilePointer
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WriteFile

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_chdir
_fmode
_initterm
_onexit
_pclose
_popen
_stricmp
abort
calloc
exit
fgets
fprintf
fread
free
fwrite
malloc
memcpy
memset
printf
signal
sprintf
strcat
strcmp
strcpy
strlen
strncmp
strstr
system
vfprintf

user32

MessageBoxA
SendInput

winmm

mciSendStringA

ws2_32

getaddrinfo

wsock32

WSACleanup
WSAStartup
connect
recv
send
socket

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bfd1c5c8b2747366ef2c535fe61b3553

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

winmm

ws2_32

wsock32

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 177KB - Virtual size: 176KB

.rdata Size: 2KB - Virtual size: 2KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 177KB - Virtual size: 176KB

.rdata
Size: 2KB - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 7KB - Virtual size: 7KB