1119922e6cb6085d08f6a2252b919a93

Sharing

Copy URL Twitter E-mail

General

Target

1119922e6cb6085d08f6a2252b919a93
Size

3.8MB
MD5

1119922e6cb6085d08f6a2252b919a93
SHA1

c949ce6e8670011437b2aa7bdd3594bb2e3a6a01
SHA256

8b3ae744e2a9c409861edd713edc673e8545a6b3992e219b53b4cd1238ab2762
SHA512

ecd25e44b92e8dc9e4c1016507773f9dd54f4e64f5a4c9ef918ee71c54d1098217057c41f9b9a9e8cf5aa34892c02ccecbd3c5a8f212a1316260a13ae1d408d7
SSDEEP

49152:i38Vzu2/qFHogMjFkaac7P5+3Z4lts5YRHv8GUgt:i381FCHogMuaaWP5AZ4EwvHUgt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1119922e6cb6085d08f6a2252b919a93

Files

1119922e6cb6085d08f6a2252b919a93
.exe windows:4 windows x86 arch:x86

a93b62d9874256a3d41d35cc66658aac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

MapViewOfFile
CreateFileA
InitializeCriticalSection
GetProcAddress
GetCurrentProcess
LocalFree
RaiseException
LocalAlloc
GetVersionExA
TerminateProcess
Sleep
WaitForSingleObject
GetExitCodeProcess
GetEnvironmentVariableA
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetFullPathNameA
DeleteFileA
WriteFile
GetTempFileNameA
GetTempPathA
VirtualFree
VirtualProtect
SetFilePointer
VirtualAlloc
ReadFile
GetSystemTimeAsFileTime
lstrcmpiA
lstrcpynA
CreateFileMappingA
GetFileSize
FreeLibrary
GetLastError
LoadLibraryA
FlushFileBuffers
GetModuleFileNameA
FindFirstFileA
CreateProcessA
SetEnvironmentVariableA
OpenProcess
GetCurrentProcessId
HeapAlloc
HeapCreate
HeapFree
FormatMessageA
SetUnhandledExceptionFilter
VirtualQuery
GetFullPathNameW
WideCharToMultiByte
CreateFileW
GetFileAttributesA
GetFileAttributesW
CreateFileMappingW
ExitProcess
FindClose
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
UnmapViewOfFile
CloseHandle
GetModuleHandleA
GetFileTime
lstrlenA
FindNextFileA
RtlUnwind
GetStringTypeW
GetStringTypeA
MultiByteToWideChar

user32

ChangeDisplaySettingsA
CharUpperBuffA
wvsprintfA
LoadImageA
MessageBoxA
wsprintfA

gdi32

AddFontResourceA
RemoveFontResourceA
DeleteDC
CreateDIBSection
CreateCompatibleDC

Exports

Exports

_bbWinMain@0
runtimeGetRuntime

Sections

Size: 1020KB - Virtual size: 1017KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 120KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 592KB - Virtual size: 589KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 59KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 31KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a93b62d9874256a3d41d35cc66658aac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

Size: 1020KB - Virtual size: 1017KB

Size: 52KB - Virtual size: 50KB

Size: 120KB - Virtual size: 377KB

Size: 592KB - Virtual size: 589KB

Size: - Virtual size: 59KB

Size: 31KB - Virtual size: 47KB

Size: 4KB - Virtual size: 4KB

Size: 5KB - Virtual size: 26KB