bd851114b41b8d429b088e1c0c36f1b7b9cc58a6fed588c1f845e9511bb831dd

Sharing

Copy URL Twitter E-mail

General

Target

bd851114b41b8d429b088e1c0c36f1b7b9cc58a6fed588c1f845e9511bb831dd
Size

7.7MB
MD5

a6b364c6b76d929488b9674ef8d80204
SHA1

8d2c483680cc0ded509fc09b334399e159ffd130
SHA256

bd851114b41b8d429b088e1c0c36f1b7b9cc58a6fed588c1f845e9511bb831dd
SHA512

f11fab02cda6cceb7e54427852513e010e35a1c60bdba33ab7680f3ca05461cb5c7ee9e40b5263734d8ee61ce7c108c2c06befbae6e753b6803068e890b1d437
SSDEEP

196608:1skbicg8JH+HviH1Xq3TPoseFkZu44m/MLdXq7:1syU8AcqjPozGaLdg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd851114b41b8d429b088e1c0c36f1b7b9cc58a6fed588c1f845e9511bb831dd

Files

bd851114b41b8d429b088e1c0c36f1b7b9cc58a6fed588c1f845e9511bb831dd
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

Size: 2.6MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 57KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 111KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 84B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 300KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 835KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.winlice
Size: - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 2.6MB - Virtual size: 6.8MB

Size: 12KB - Virtual size: 25KB

Size: 57KB - Virtual size: 177KB

.bss Size: - Virtual size: 111KB

Size: 1KB - Virtual size: 16KB

Size: 7KB - Virtual size: 26KB

Size: 512B - Virtual size: 154B

.tls Size: - Virtual size: 84B

Size: 512B - Virtual size: 93B

Size: 300KB - Virtual size: 552KB

Size: 835KB - Virtual size: 2.1MB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 14KB - Virtual size: 14KB

.winlice Size: - Virtual size: 6.4MB

.boot Size: 3.9MB - Virtual size: 3.9MB

.reloc Size: 16B - Virtual size: 4KB

.bss
Size: - Virtual size: 111KB

.tls
Size: - Virtual size: 84B

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 14KB - Virtual size: 14KB

.winlice
Size: - Virtual size: 6.4MB

.boot
Size: 3.9MB - Virtual size: 3.9MB

.reloc
Size: 16B - Virtual size: 4KB