bb5e7fac4c000c211b4a39316c9cc45baa0d8c06538b9a79fd125dfe3a5b29bc

Sharing

Copy URL Twitter E-mail

General

Target

bb5e7fac4c000c211b4a39316c9cc45baa0d8c06538b9a79fd125dfe3a5b29bc
Size

2.4MB
MD5

23955217db606ba21641935730c4949c
SHA1

c0ab2690c7c91060f84b2b0ad0ce22d5f58b8d2c
SHA256

bb5e7fac4c000c211b4a39316c9cc45baa0d8c06538b9a79fd125dfe3a5b29bc
SHA512

1f4c5ac8a4a996dbecd6757a6ee93c00578e25b0f84bd3d8abda6c8a52253b97f54f6ec1255b8cc4666816caf711395d0ced19e997bb68c36ee2ab54782d7370
SSDEEP

49152:BF3jC/ee9H1HEJn3jC/ee9H1HEJqy3G3Q/RyRnNv7+kbhMj/fzy3G3Q/RyRnNv71:BF3jC/ee9H1HEJn3jC/ee9H1HEJqy3Gg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb5e7fac4c000c211b4a39316c9cc45baa0d8c06538b9a79fd125dfe3a5b29bc

Files

bb5e7fac4c000c211b4a39316c9cc45baa0d8c06538b9a79fd125dfe3a5b29bc
.exe windows x86

341475e007484d9bd924dcc5423ba96c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExpandEnvironmentStringsA
LocalAlloc
WideCharToMultiByte
LocalFree
GetProcAddress
FindResourceExW
LoadResource
LockResource
GetACP
GetModuleHandleA
lstrlenA
GetVersionExA
GetModuleFileNameA
lstrcpynA
CreateMutexA
GetLastError
CloseHandle
VirtualProtect
GetLocaleInfoA
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
VirtualAlloc
Sleep
GetCPInfo
GetOEMCP
GetSystemInfo
LoadLibraryA
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
ExitProcess
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

CreateHalftonePalette
UpdateColors
SelectPalette
UnrealizeObject
RealizePalette
BitBlt
SetMapMode
GetTextExtentPoint32A
GetDeviceCaps
GetObjectA
SelectObject
TranslateCharsetInfo
EnumFontFamiliesExA
CreateFontIndirectA
CreatePatternBrush
CreateSolidBrush
DeleteObject
DeleteDC
SetTextColor
SetBkMode
CreateCompatibleDC

user32

DrawTextA
FillRect
DrawFocusRect
GetDesktopWindow
RegisterClassA
LoadIconA
CharNextA
DefWindowProcA
GetParent
GetWindowLongA
CallWindowProcA
GetForegroundWindow
PtInRect
LoadCursorA
SetCursor
SetFocus
BeginPaint
EndPaint
SetWindowLongA
PostQuitMessage
SetWindowTextA
EnableWindow
GetMessageA
GetFocus
GetDlgCtrlID
SendMessageA
IsDialogMessageA
TranslateMessage
CreateWindowExA
AdjustWindowRect
ShowWindow
UpdateWindow
InvalidateRect
GetDC
GetDlgItem
SetWindowPos
ReleaseDC
GetSysColor
LoadImageA
SystemParametersInfoA
MessageBeep
PostMessageA
FindWindowA
SetForegroundWindow
DispatchMessageA

shell32

ShellExecuteA

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

341475e007484d9bd924dcc5423ba96c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

shell32

Sections

.text Size: 32KB - Virtual size: 32KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB