bb039df2e52b725ba3a702d4c9d39bc0

Sharing

Copy URL Twitter E-mail

General

Target

bb039df2e52b725ba3a702d4c9d39bc0
Size

11.0MB
MD5

bb039df2e52b725ba3a702d4c9d39bc0
SHA1

d12481249800b32f9ef9d7697d1ac3cf549d5efd
SHA256

8139c38414c1515c664288e29d03f3cc2871081a2815fa9849dc446a8416a874
SHA512

6025a8e54dbf4d26d171b539b56e088f1195104d13f9416b3adb43cd80aefb18bbf80f6409b49ef76b1cf767aeb2ba2dc76d3ca4c3454027b34344df6665ca26
SSDEEP

196608:j77777777777777777777777777777777777777777777777777777777777777n:j777777777777777777777777777777n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb039df2e52b725ba3a702d4c9d39bc0

Files

bb039df2e52b725ba3a702d4c9d39bc0
.exe windows:5 windows x86 arch:x86

266aa3b561e26e3b4d438fb26814163c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\tegite\lisurepide-wubobazuca\fesatetaf7\zayipoyi\hux.pdb

Imports

kernel32

LeaveCriticalSection
CreateTapePartition
GetLongPathNameA
GetUserDefaultLangID
AddRefActCtx
GetCPInfoExW
WriteConsoleInputA
ReadConsoleInputW
GetConsoleAliasW
SetCommTimeouts
SetConsoleCP
VerifyVersionInfoA
WaitNamedPipeA
CreateMutexA
WriteConsoleW
GetLastError
CreateFileW
WritePrivateProfileSectionA
GetPrivateProfileSectionA
EnumDateFormatsExA
SetStdHandle
LoadLibraryA
IsDebuggerPresent
FindFirstVolumeW
ReadFile
BuildCommDCBW
FindActCtxSectionStringA
VerLanguageNameW
SetFileApisToANSI
WriteProcessMemory
RequestWakeupLatency
ResetEvent
Sleep
EndUpdateResourceW
GetCPInfo
SetConsoleCtrlHandler
EnumDateFormatsA
GenerateConsoleCtrlEvent
GetCurrentConsoleFont
AttachConsole
GetConsoleAliasesLengthW
ReadConsoleA
ZombifyActCtx
ReadConsoleOutputW
GetSystemWindowsDirectoryA
GetStringTypeW
BuildCommDCBAndTimeoutsA
HeapUnlock
HeapLock
GetAtomNameW
HeapReAlloc
HeapCompact
GetGeoInfoA
GetCurrentProcess
GetProcAddress
GetModuleHandleA
CreateThread
GetVersionExA
GetACP
ReleaseMutex
WaitForSingleObject
GetSystemPowerStatus
WriteConsoleOutputCharacterA
LocalAlloc
SetMailslotInfo
SetEnvironmentVariableW
GetFileAttributesExW
GetComputerNameW
CommConfigDialogA
GetConsoleWindow
PostQueuedCompletionStatus
SetFileApisToOEM
GetStringTypeA
GetDiskFreeSpaceW
SetConsoleTitleA
InitializeSListHead
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
RtlUnwind
HeapAlloc
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
HeapFree
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
VirtualFree
VirtualAlloc
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
SetFilePointer
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetOEMCP
IsValidCodePage
GetLocaleInfoA
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle

advapi32

AdjustTokenGroups

Exports

Exports

@GetSecondVice@0

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10.9MB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

266aa3b561e26e3b4d438fb26814163c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 98KB - Virtual size: 97KB

.data Size: 18KB - Virtual size: 4.4MB

.rsrc Size: 10.9MB - Virtual size: 104KB

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 18KB - Virtual size: 4.4MB

.rsrc
Size: 10.9MB - Virtual size: 104KB