bbe8d561a6baf692bb5fbbf596f6f4ffefb1ed3f61a8524b5baa3ca054985b33

Sharing

Copy URL

Twitter E-mail

General

Target

bbe8d561a6baf692bb5fbbf596f6f4ffefb1ed3f61a8524b5baa3ca054985b33
Size

6.4MB
MD5

641f341235f9fb6cff3df2afed4679b7
SHA1

82f6d33ca40db10d9182f65f035fb90c9124e5cc
SHA256

bbe8d561a6baf692bb5fbbf596f6f4ffefb1ed3f61a8524b5baa3ca054985b33
SHA512

34aef658c39d97b5a2a43d9b78b35d9e2334650120887cca7b4fe7b0350c45467e3c75405ef7dfab519eebde2e884238e838221c091fcae5293695305ff818e8
SSDEEP

196608:h7Msp9kxfZEZKiuhc7gOi6AVrlPsaNy4ghxwQQAn3B3:h7NDkx6JacVilB+H5cQhF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbe8d561a6baf692bb5fbbf596f6f4ffefb1ed3f61a8524b5baa3ca054985b33

Files

bbe8d561a6baf692bb5fbbf596f6f4ffefb1ed3f61a8524b5baa3ca054985b33
.exe windows x86

e5f068a3dfdef7d569996b2d6b448bf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
VirtualProtect
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryA
CreateFileA
CreateFileW
WriteFile
CloseHandle
GetLocalTime
VirtualQuery
CreateFileMappingW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
GetSystemInfo
VirtualProtectEx
MultiByteToWideChar
GetProfileStringA
LoadLibraryA

user32

wsprintfA
IsIconic

shlwapi

ord158

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

gdi32

GetTextMetricsA

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 28.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e5f068a3dfdef7d569996b2d6b448bf9

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

winmm

ws2_32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 472KB

.rdata Size: - Virtual size: 28.0MB

.data Size: - Virtual size: 183KB

.vdata Size: - Virtual size: 36KB

.text Size: - Virtual size: 5.0MB

.data Size: - Virtual size: 33KB

Size: 220KB - Virtual size: 216KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: - Virtual size: 472KB

.rdata
Size: - Virtual size: 28.0MB

.data
Size: - Virtual size: 183KB

.vdata
Size: - Virtual size: 36KB

.text
Size: - Virtual size: 5.0MB

.data
Size: - Virtual size: 33KB

.rsrc
Size: 36KB - Virtual size: 36KB