bc0b57f04efe4239fcc02f049c97016c653c963de8cbe45bcf9449cd16919f08

General

Target

bc0b57f04efe4239fcc02f049c97016c653c963de8cbe45bcf9449cd16919f08
Size

452KB
MD5

a87fab5ef51df54563c1752f4cc5b466
SHA1

1e29f9771c034545e618cdb28e12f1004993f8bf
SHA256

bc0b57f04efe4239fcc02f049c97016c653c963de8cbe45bcf9449cd16919f08
SHA512

2369d6b6769853ff7246031bb7081261a6ecc67590e424f2845337291cc0a1241c24fc2ed340deb8f999befa5dea237df2000c5a0bf0f1e410d2394e0735df65
SSDEEP

6144:lNOKA8716v7ae1wR/+0rtDVgfcw3vR2vRz5Datp8E2lv2avF:lsi716eGwIQDGfh3v+z5WtkR26

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc0b57f04efe4239fcc02f049c97016c653c963de8cbe45bcf9449cd16919f08

Files

bc0b57f04efe4239fcc02f049c97016c653c963de8cbe45bcf9449cd16919f08
.dll windows:4 windows x86 arch:x86

5b0a744a028d638abc7f791101016faf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
GetWindowsDirectoryA
Sleep
CreateSemaphoreA
CreateDirectoryA
VirtualAlloc
CopyFileA
VirtualProtectEx
ResetEvent
GetModuleFileNameA
GetTempPathA
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetLastError
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
CloseHandle
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
SetStdHandle
CreateFileA
HeapReAlloc
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
SetEndOfFile
HeapSize

ws2_32

WSACleanup
WSAWaitForMultipleEvents
WSAStartup

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 15.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

5b0a744a028d638abc7f791101016faf

Headers

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 156KB - Virtual size: 154KB

.data Size: 132KB - Virtual size: 15.2MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 30KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 156KB - Virtual size: 154KB

.data
Size: 132KB - Virtual size: 15.2MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 30KB