b85bb3699de180ca3f4da3002fec92f6

Sharing

Copy URL

Twitter E-mail

General

Target

b85bb3699de180ca3f4da3002fec92f6
Size

412KB
MD5

b85bb3699de180ca3f4da3002fec92f6
SHA1

0274b5488ddade07fd03787de225805715671525
SHA256

c6fc14f95e87659fc31d96ea8660d237c80bc31daefc6bb4c08cb7f7d8383082
SHA512

3bade1e4f3be467ed5e17e07eca46c0914b24d2f468d2ae2732b7607e2a0a5d378ed6dfb11e7de0bfdc0beb4141b1e5cdb211ebd118b5540d7ad15e2ac078feb
SSDEEP

6144:wj44g1FPC0iApWfHoHPKkdM1Kb0jHoOhVaIYyHU/cYrbmLYHTInKOtGSVX:wE15CKUHoBN0zoO73Y7cYrbnHTIndPh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b85bb3699de180ca3f4da3002fec92f6

Files

b85bb3699de180ca3f4da3002fec92f6
.dll windows:4 windows x86 arch:x86

f235851167b79a8bcbaadb19b0e17a68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHEnumKeyExA

kernel32

CloseHandle
CompareStringA
CreateFileMappingA
CreateNamedPipeA
DuplicateHandle
GetConsoleCP
GetConsoleMode
GetExitCodeThread
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcessId
GetProcessVersion
GetStdHandle
GetCurrentThreadId
GetThreadLocale
GetUserDefaultLCID
IsValidCodePage
ReleaseMutex
ResetEvent
GetStartupInfoA
VirtualProtect
ReadFile
WriteFile
ExitProcess
GetComputerNameA
GetBinaryTypeA
BackupRead
lstrcmpA
lstrlenW
FlushViewOfFile
GetDriveTypeA
GetWindowsDirectoryW
GetWindowsDirectoryA
GetCurrentDirectoryA
GetSystemDirectoryW
GetComputerNameW
GetCurrentDirectoryW
GetFileAttributesA
GetFileAttributesW
lstrcmpW
GetFileType

user32

ReleaseDC

advapi32

GetUserNameA

msvcrt

free
malloc

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

GetDriverModuleHandle
timeEndPeriod

Exports

Exports

nbmby

Sections

.code
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oluemw
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f235851167b79a8bcbaadb19b0e17a68

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

msvcrt

version

winmm

Exports

Exports

Sections

.code Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 356KB - Virtual size: 355KB

oluemw Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 356KB - Virtual size: 355KB

oluemw
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 4KB - Virtual size: 1KB