11bbccebb23cf106dcd3c0a899130130

Sharing

Copy URL Twitter E-mail

General

Target

11bbccebb23cf106dcd3c0a899130130
Size

36KB
MD5

11bbccebb23cf106dcd3c0a899130130
SHA1

70df8f961875644d89addb8f02eaf5fd964db1e4
SHA256

5da572d841c1ed123587b0cf7dad0468bf98d1649373cf237b27372adf019bbc
SHA512

c8f668996d81e66962f5f2a68e24dee999e9219ddef6e61162712eb6f48c8b6d49a46df5df0054ec5d05ec309b0bd7aaa993a1c3e8c66a6f286656a896f27cb6
SSDEEP

768:N7H5O2Z4/G2tHSbZKn/soBGtufmaSxD1mIPZp7pzDzvmqs:N7H4I4/sbVE/SDmI77pPL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11bbccebb23cf106dcd3c0a899130130

Files

11bbccebb23cf106dcd3c0a899130130
.exe windows:4 windows x86 arch:x86

51592beeb71def525953f1f0ea99f571

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

CharUpperA
ScreenToClient
GetMessageTime
TrackPopupMenu
FindWindowA
DispatchMessageW
MapWindowPoints
IsIconic
GetCapture
UnionRect
GetClientRect
TranslateMessage
SetWindowPos
GetWindowRect
FillRect
GetSystemMetrics
PtInRect
LoadStringW
GetDlgCtrlID
LoadIconA

kernel32

GetDateFormatW
CloseHandle
GetFullPathNameW
TlsAlloc
CreateThread
MultiByteToWideChar
GetTickCount
GlobalReAlloc
lstrlenA
GetFileAttributesW
GetACP
LoadResource
UnmapViewOfFile
GetStringTypeA
GetProcAddress
GetCommandLineW
TlsFree
GetVersionExA
RaiseException
LockFile
DeleteFileA
CompareStringA
Sleep
FindResourceA
SetFileAttributesW
InterlockedExchange
lstrcmpiW
GetSystemInfo
lstrcpyW
DeleteCriticalSection
GlobalMemoryStatus
LocalFree
GetOEMCP
LoadLibraryA
GetCurrentProcessId
GetStartupInfoA
DisableThreadLibraryCalls
GlobalFree
CreateMutexW
GetCommandLineA
TlsGetValue
GetLocaleInfoA
InterlockedIncrement
WriteFile
WideCharToMultiByte
SizeofResource
HeapAlloc
LeaveCriticalSection
SetStdHandle
ExitProcess
IsProcessorFeaturePresent
VirtualProtect
SetUnhandledExceptionFilter
RtlUnwind
GetVersionExW
GetModuleHandleA
CreateDirectoryW
SetConsoleCP
UnlockFile
GetCurrentProcess
DebugBreak
InterlockedCompareExchange
GetFileTime
ReleaseMutex
QueryPerformanceCounter
LoadLibraryW
DeleteFileW
HeapFree
CreateFileA
InitializeCriticalSection
OutputDebugStringA

gdi32

PatBlt
SetBkMode
GetStockObject
CreateCompatibleBitmap
GetObjectA

advapi32

RegDeleteKeyW
RegOpenKeyExW
IsValidSid
RegEnumKeyExW
RegCloseKey

msvcrt

_amsg_exit
??3@YAXPAX@Z
wcschr
??0exception@@QAE@XZ
_iob
_CxxThrowException
__setusermatherr
__dllonexit
memcpy
_onexit
_XcptFilter
memset
_wcsicmp

ole32

CoTaskMemRealloc
CoTaskMemFree

rpcrt4

RpcStringFreeW

version

GetFileVersionInfoW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51592beeb71def525953f1f0ea99f571

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

msvcrt

ole32

rpcrt4

version

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 25KB - Virtual size: 48KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 25KB - Virtual size: 48KB