bc1d7fb307a2713f7d4f198b2929ce6f[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bc1d7fb307a2713f7d4f198b2929ce6f.exe
Size

589KB
MD5

bc1d7fb307a2713f7d4f198b2929ce6f
SHA1

d2cfdc28c15f49f533bf48edde6f5323f4116f33
SHA256

b134b9965abcc984aee76a70df95394d3baad30adfcb43ef0c556f65b403bc53
SHA512

83f50a712624178435b994d508ed9a17d5c77f0c4dc08b4a60482dbff88ab326619597f8c5b60a15cb9a6056e8904101b94870305279a88adfa31baacf21543a
SSDEEP

6144:MTOuy+iTPC6i7u+W/XkbZpOXYicJMYgTsGSH8BZ+mxw+V2oUg8lLLtoatc:qes4kkBThb7Wq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc1d7fb307a2713f7d4f198b2929ce6f.exe

Files

bc1d7fb307a2713f7d4f198b2929ce6f.exe
.exe windows x86

bc995d314526062de9c69ce50fed50d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetTickCount
GetCommandLineA
IsProcessorFeaturePresent
SetLastError
InterlockedDecrement
GetCurrentThreadId
IsDebuggerPresent
EncodePointer
DecodePointer
GetModuleHandleExW
GetProcAddress
GetStdHandle
WriteFile
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
Sleep
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
LoadLibraryW
RtlUnwind
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
OutputDebugStringA
WaitForSingleObject
IsBadWritePtr
HeapDestroy
CreateEventW
ExitProcess
GetLastError
WideCharToMultiByte
CreateFileW
ReadFile
CloseHandle
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleW
InterlockedIncrement
GetModuleFileNameW
lstrlenW
HeapFree
MulDiv
GetProcessHeap
TerminateProcess
HeapAlloc

user32

ReleaseDC
GetDC
GetSystemMetrics

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

gdi32

StretchBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectClipRgn
LineTo
SetStretchBltMode
MoveToEx
GetDeviceCaps
ExtTextOutW
TextOutW
BitBlt
ExtSelectClipRgn
DeleteDC
DeleteObject
GdiFlush
CreateDIBSection

winmm

waveOutOpen
waveOutClose
waveOutGetVolume
PlaySoundW

msimg32

GradientFill

Sections

.text
Size: 450KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc995d314526062de9c69ce50fed50d5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

winmm

msimg32

Sections

.text Size: 450KB - Virtual size: 450KB

.rdata Size: 129KB - Virtual size: 128KB

.data Size: 3KB - Virtual size: 11KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 450KB - Virtual size: 450KB

.rdata
Size: 129KB - Virtual size: 128KB

.data
Size: 3KB - Virtual size: 11KB

.reloc
Size: 5KB - Virtual size: 4KB