bc58d7ce32f93c74ab8032b19c5af4e45271a54d0071e93f8c4ea0eb23f16c01

Resubmissions

04/06/2023, 15:20

230604-sq122sdb7s 3

04/06/2023, 15:19

230604-sp7hfadb6z 3

04/06/2023, 06:27

230604-g77elsbh7z 3

Sharing

Copy URL

Twitter E-mail

General

Target

bc58d7ce32f93c74ab8032b19c5af4e45271a54d0071e93f8c4ea0eb23f16c01
Size

6.3MB
MD5

1a4c31968ff59344a2b77fb5a5196ad4
SHA1

52cb3fa9b84665c88caa645e0100ca3ddc5a0bb2
SHA256

bc58d7ce32f93c74ab8032b19c5af4e45271a54d0071e93f8c4ea0eb23f16c01
SHA512

5b56c990df8d180b455618faeb431a7b62e385fe8b98972471862ee1dd176760afe06058b4057a29efb8bd7168ecad614b21011bdee35d4c45a80d6bef53991d
SSDEEP

49152:8GSCDOKa0mPXpq7gMnFUDsn0Dboo8GZV0jBB1h2ApWvJ4+nVLudREgzlIaN:XD3rn2CsW1N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc58d7ce32f93c74ab8032b19c5af4e45271a54d0071e93f8c4ea0eb23f16c01

Files

bc58d7ce32f93c74ab8032b19c5af4e45271a54d0071e93f8c4ea0eb23f16c01
.exe windows x64

431d76fa4acc2ccebd298b10fc637d3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

ioctlsocket
recv
send
connect
htons
socket
inet_addr
closesocket

shlwapi

PathFindExtensionW

kernel32

GetDriveTypeW
GetFileSizeEx
GetLogicalDrives
ReadFile
SetFileAttributesW
SetFilePointerEx
WriteFile
IsDebuggerPresent
DebugBreak
CloseHandle
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
WaitForMultipleObjects
GetCurrentProcess
CreateThread
ExitThread
GetProcessId
GetWindowsDirectoryW
GetModuleFileNameW
GetModuleHandleW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
SetConsoleTextAttribute
GetFileSize
GetACP
GetThreadLocale
GetConsoleOutputCP
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LocalAlloc
LocalFree
TryEnterCriticalSection
DeleteCriticalSection
CreateDirectoryW
GetFileType
GetTempPathW
GetCurrentProcessId
FindNextFileW
GetEnvironmentVariableA
SetEnvironmentVariableA
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileAttributesW
GetFullPathNameW
ExpandEnvironmentStringsA
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
DeviceIoControl
GetProcessTimes
GetCurrentThread
GetCurrentThreadId
GetStartupInfoW
GetThreadTimes
GetVersionExW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetProcessWorkingSetSize
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalMemoryStatus
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
OutputDebugStringW
HeapQueryInformation
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
DuplicateHandle
ReadConsoleW
GetConsoleMode
GetCommandLineW
GetCommandLineA
FindFirstFileW
FindClose
CreateFileW
GetStdHandle
SetConsoleCtrlHandler
FlushFileBuffers
SetEndOfFile
GetTimeZoneInformation
FindFirstFileExW
GetFileAttributesExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetTickCount
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
WriteConsoleW
SetStdHandle
GetSystemInfo
HeapValidate
HeapSize
GetModuleHandleExW
ExitProcess
RtlUnwind
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
FormatMessageA
GetStringTypeW
InitializeCriticalSectionEx
GetLocaleInfoEx
EncodePointer
DecodePointer
LCMapStringEx
SetFileInformationByHandle
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
InitializeSListHead
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
VirtualQuery
InterlockedPushEntrySList
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
LoadLibraryExW

user32

SystemParametersInfoW
GetProcessWindowStation
GetDesktopWindow
GetCaretPos
GetCursorPos
GetCapture
GetInputState
GetFocus
GetActiveWindow
GetOpenClipboardWindow
GetClipboardViewer
GetClipboardOwner
GetMessageTime
GetMessagePos

advapi32

RegQueryValueExA
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
GetUserNameW
GetTokenInformation
OpenProcessToken

shell32

ShellExecuteExW

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemFree

rstrtmgr

RmGetList
RmRegisterResources
RmEndSession
RmStartSession
RmShutdown

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

431d76fa4acc2ccebd298b10fc637d3f

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

shlwapi

kernel32

user32

advapi32

shell32

ole32

rstrtmgr

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 102KB - Virtual size: 125KB

.pdata Size: 235KB - Virtual size: 234KB

.msvcjmc Size: 9KB - Virtual size: 8KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 102KB - Virtual size: 125KB

.pdata
Size: 235KB - Virtual size: 234KB

.msvcjmc
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 32KB - Virtual size: 32KB