bb0db6b1921a849d4892100a6ac67e9beb947ad9e2be83ab8d44ddcb21c074dd

Sharing

Copy URL

Twitter E-mail

General

Target

bb0db6b1921a849d4892100a6ac67e9beb947ad9e2be83ab8d44ddcb21c074dd
Size

711KB
MD5

54313c7abe751e3a29ddbd7b2804c482
SHA1

c9dfe54bdbb859ce7deea5893fdf064813d4418a
SHA256

bb0db6b1921a849d4892100a6ac67e9beb947ad9e2be83ab8d44ddcb21c074dd
SHA512

175555522d4f97df38e731a2474f613cae3228f2f886fa0fdb65d7c706207c0e796628114c2f242777e7c8002841345b1dc7de7ba1cd7512120937a6082768a5
SSDEEP

6144:bj3+VSk78WBWh8CiXaS+XZZRHQFJqrT1X8nEM30DVSlnZ:brQ78Ww2XaljHQzqrT1XSkxYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb0db6b1921a849d4892100a6ac67e9beb947ad9e2be83ab8d44ddcb21c074dd

Files

bb0db6b1921a849d4892100a6ac67e9beb947ad9e2be83ab8d44ddcb21c074dd
.exe windows:6 windows x86

a0db7ef73ef297ffb2dbf1d432bd365c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetImageCount
ImageList_Remove
InitCommonControlsEx
ImageList_Create
ImageList_Destroy
ImageList_SetOverlayImage
ImageList_GetIcon
ImageList_ReplaceIcon

dwmapi

DwmGetWindowAttribute

kernel32

HeapAlloc
lstrlenW
GlobalFree
GlobalAlloc
GetSystemDirectoryW
HeapFree
SetThreadPriority
TerminateThread
MultiByteToWideChar
GetProcessHeap
CreateThread
GetModuleFileNameW
lstrcmpW
CloseHandle
GetLastError
lstrcmpiW
CreateSemaphoreW
GetTickCount
FreeLibrary
GetProcAddress
lstrcmpA
ExpandEnvironmentStringsA
LoadLibraryExA
ReadConsoleW
ReadFile
SetEndOfFile
WriteConsoleW
SetStdHandle
CreateFileW
CreateProcessW
CreateProcessA
GetFullPathNameW
ExpandEnvironmentStringsW
VerSetConditionMask
GetStringTypeW
SetFilePointerEx
HeapReAlloc
LoadLibraryExW
EnumSystemLocalesW
GetUserDefaultLCID
FindClose
FindFirstFileW
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetCurrentProcessId
GetCurrentThreadId
GetWindowsDirectoryW
LoadResource
LockResource
SizeofResource
MulDiv
LoadLibraryW
FindResourceW
GetUserDefaultUILanguage
GetFileAttributesW
GetVersionExW
LocalFree
LocalAlloc
GetCurrentProcess
IsWow64Process
OutputDebugStringW
GetCurrentThread
GetTempPathW
CreateMutexW
FormatMessageW
lstrcpyW
ReleaseMutex
WaitForSingleObject
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineA
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
WideCharToMultiByte
HeapSize
IsDebuggerPresent
SetLastError
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FatalAppExitA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
VerifyVersionInfoW

user32

MonitorFromPoint
PtInRect
SetCursor
KillTimer
ReleaseCapture
SetCapture
PostQuitMessage
LoadStringW
DialogBoxParamW
EndDialog
GetDlgItem
SetDlgItemTextW
GetDlgCtrlID
SetFocus
GetSystemMetrics
LoadMenuIndirectW
DrawTextW
GetDC
ReleaseDC
BeginPaint
EndPaint
GetClientRect
LoadBitmapW
EnumDisplaySettingsW
MonitorFromWindow
IsHungAppWindow
IsWindowVisible
GetParent
GetClassNameW
wsprintfW
GetAncestor
DefWindowProcW
UnregisterClassW
SystemParametersInfoW
ClientToScreen
GetCursorPos
AdjustWindowRect
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
TrackPopupMenu
GetSubMenu
CreatePopupMenu
DestroyWindow
CopyIcon
LoadImageW
GetClassLongW
LoadIconW
LoadCursorW
FindWindowW
GetSysColorBrush
UpdateWindow
ShowWindow
RegisterClassExW
RegisterClassW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetMonitorInfoW
EnumDisplayDevicesW
SetWindowLongW
SetTimer
SetWindowPos
MoveWindow
SetWindowTextW
CreateWindowExW
ScreenToClient
DestroyIcon
GetWindow
GetWindowLongW
IsRectEmpty
GetWindowRect
GetWindowTextW
SetForegroundWindow
GetForegroundWindow
DestroyMenu
SendMessageW
InvalidateRect

advapi32

IsValidSecurityDescriptor
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenCurrentUser
RegOpenKeyExW
SetEntriesInAclW
OpenProcessToken
OpenThreadToken
AccessCheck
AddAccessAllowedAce
CheckTokenMembership
CreateWellKnownSid
GetLengthSid
GetTokenInformation
ImpersonateSelf
InitializeAcl
RevertToSelf
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegEnumKeyExW
RegSetKeySecurity
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegOpenKeyExA
RegQueryValueExA

shell32

ExtractIconExW
SHAppBarMessage
ExtractIconW

shlwapi

SHDeleteKeyW

gdi32

GetObjectW
CreateCompatibleDC
CreateFontIndirectW
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
SelectObject
SetBkMode
StretchBlt
BitBlt

Sections

.text
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0db7ef73ef297ffb2dbf1d432bd365c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

dwmapi

kernel32

user32

advapi32

shell32

shlwapi

gdi32

Sections

.text Size: 339KB - Virtual size: 338KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 7KB - Virtual size: 17KB

.idata Size: 9KB - Virtual size: 8KB

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 280KB - Virtual size: 280KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 339KB - Virtual size: 338KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 7KB - Virtual size: 17KB

.idata
Size: 9KB - Virtual size: 8KB

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 280KB - Virtual size: 280KB

.reloc
Size: 16KB - Virtual size: 16KB