bc3b95e410b62ae0a95502577d1450420742804119779f64a9d75a936789ced3

Sharing

Copy URL Twitter E-mail

General

Target

bc3b95e410b62ae0a95502577d1450420742804119779f64a9d75a936789ced3
Size

755KB
MD5

0df7d83cace850f7decbc748bee3de35
SHA1

6328211c174764f4caef712e16f57d7c3f23ca0e
SHA256

bc3b95e410b62ae0a95502577d1450420742804119779f64a9d75a936789ced3
SHA512

e9090fa03aead6ebad6d1aeb4e0c0471e96f8b81b26040db56ace6413447436a8868a548cec2fd0560995efc5da9ec890deda1edcf58bcafd7df3992d7e8a987
SSDEEP

12288:3zlM5x4RNyBY+6FggLbrQXbR7jqkf1Hm7tJc0FS3jicGWVSI7dMua43Ek0cIHAN7:3pMx4CBL6LaRFdGJm0Q3WKVSwdr13Ek9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc3b95e410b62ae0a95502577d1450420742804119779f64a9d75a936789ced3

Files

bc3b95e410b62ae0a95502577d1450420742804119779f64a9d75a936789ced3
.exe windows:6 windows x64

cbf7526d7092c7a4be7d9ff2d363c48c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

cfgmgr32

CM_Get_DevNode_Status

advapi32

GetTraceLoggerHandle
CreateServiceW
ReportEventW
RegisterEventSourceW
TraceMessage
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
DeregisterEventSource
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
DeleteService
ControlService
RegQueryValueExW
OpenServiceW
RegisterServiceCtrlHandlerExW
RegCloseKey
StartServiceCtrlDispatcherW
RegOpenKeyExW
SetServiceStatus

kernel32

Sleep
CreateFileW
SetEvent
TerminateThread
HeapReAlloc
WaitForSingleObject
CreateThread
ResetEvent
HeapSize
WaitForMultipleObjects
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetModuleFileNameW
WriteConsoleW
GetLastError
GetLocalTime
CloseHandle
OutputDebugStringW
CreateEventW
SetFilePointerEx
GetFileSizeEx
GetStringTypeW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
GetOEMCP
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
HeapFree
HeapAlloc
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP

setupapi

SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiSetClassInstallParamsW
SetupDiDestroyDeviceInfoList

user32

wsprintfW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cbf7526d7092c7a4be7d9ff2d363c48c

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

advapi32

kernel32

setupapi

user32

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 3KB - Virtual size: 8KB

.pdata Size: 6KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 568KB - Virtual size: 572KB