bc4cb0ef67e9b27719972f29dc4857980a68a159a844bd623c79ca9b8c1d8dcb

Sharing

Copy URL Twitter E-mail

General

Target

bc4cb0ef67e9b27719972f29dc4857980a68a159a844bd623c79ca9b8c1d8dcb
Size

298KB
MD5

4400ce66b07dcf56f583ed821449580b
SHA1

4eff12e5043470749b48746fd3c8bbd09fd0c694
SHA256

bc4cb0ef67e9b27719972f29dc4857980a68a159a844bd623c79ca9b8c1d8dcb
SHA512

78c7b1b5cba453dd68923e349a2030744149709b2b71b7c443451d273c8853a5c88c7744b4e452b16a70b522eb74efc8c91544714e7b0c28088814929d979c20
SSDEEP

3072:lsd9Gd/0sF0ZrRFXAPRvz+cIcHkOTrorZLcn3f5AePgDoWoE3G/CiLN3yXK:29G6vrRtURvBIlWRnWoL/CiLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc4cb0ef67e9b27719972f29dc4857980a68a159a844bd623c79ca9b8c1d8dcb

Files

bc4cb0ef67e9b27719972f29dc4857980a68a159a844bd623c79ca9b8c1d8dcb
.exe windows:5 windows x86 arch:x86

2c31137efffdb21e4a7ea36bf1988dce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugActiveProcess
LocalUnlock
SetThreadContext
CommConfigDialogA
DebugActiveProcessStop
ConvertThreadToFiber
GlobalAddAtomA
InterlockedIncrement
ReadConsoleA
GetConsoleAliasA
HeapFree
GetEnvironmentStringsW
WriteConsoleInputA
SleepEx
GetFileAttributesExA
GetModuleHandleW
GetTickCount
GetCompressedFileSizeW
GetCommandLineA
GetConsoleCP
GlobalAlloc
SetFileShortNameW
LoadLibraryW
GetLocaleInfoW
ReadFileScatter
SetVolumeMountPointA
DeleteVolumeMountPointW
GlobalFlags
GetModuleFileNameW
FlushFileBuffers
GetShortPathNameA
GetNamedPipeHandleStateW
FindFirstFileA
GetCPInfoExW
GetLastError
GetCurrentDirectoryW
SetLastError
SetComputerNameA
LoadLibraryA
WriteConsoleA
OpenWaitableTimerW
FoldStringA
FindNextFileA
FindFirstVolumeMountPointA
GetModuleHandleA
UpdateResourceW
VirtualProtect
GetCPInfoExA
GetWindowsDirectoryW
GetProfileSectionW
CreateFileW
ReadFile
WriteConsoleW
LCMapStringW
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
MoveFileA
DeleteFileA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
HeapSize
GetProcAddress
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
GetCurrentThread
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
FatalAppExitA
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
SetConsoleCtrlHandler
GetConsoleMode
SetStdHandle
HeapReAlloc
FreeLibrary
CloseHandle

user32

CharUpperBuffW
CharToOemBuffW
GetNextDlgTabItem

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 31.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.keh
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c31137efffdb21e4a7ea36bf1988dce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 146KB - Virtual size: 146KB

.data Size: 91KB - Virtual size: 31.5MB

.keh Size: 512B - Virtual size: 1B

.rsrc Size: 59KB - Virtual size: 58KB

.text
Size: 146KB - Virtual size: 146KB

.data
Size: 91KB - Virtual size: 31.5MB

.keh
Size: 512B - Virtual size: 1B

.rsrc
Size: 59KB - Virtual size: 58KB