bb15b33f02552f3b5b4e0e2b568c0707

Sharing

Copy URL Twitter E-mail

General

Target

bb15b33f02552f3b5b4e0e2b568c0707
Size

136KB
MD5

bb15b33f02552f3b5b4e0e2b568c0707
SHA1

fab0f1b424c7e5d6778bc93b1f502fb69338a761
SHA256

3e1bee3276f342b18ff2b3800667bae15efdebc1950b9d3ce0bc2717245a8ce4
SHA512

d2d939b12fb021e8f3de7565928b2d2d8b0f969ef65b99885dc04ff4304b7b6004499d0180a9fef3b2da71d123eb636aaf380f0e153c6b1161a2f8e0ff077aa7
SSDEEP

3072:MgvW+Y6CvX7hrl/wcISrUmeVvA1807qvj6OdGdkPR3TRBnQtE3/4tO2lXK8LwG8+:M2vCvVrl/wcISrUmeZUIeaPR3T/6tO29

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb15b33f02552f3b5b4e0e2b568c0707

Files

bb15b33f02552f3b5b4e0e2b568c0707
.exe windows:5 windows x86 arch:x86

8188cfe9a861aa6d59074186cc8024e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
OpenServiceW
RegSetValueExA
EqualSid
RegQueryInfoKeyA
RegDeleteKeyA
CryptAcquireContextW
RegOpenKeyExW
RegDeleteValueW
AllocateAndInitializeSid
DeregisterEventSource
AddAccessAllowedAce
RegCreateKeyW
InitializeAcl
InitializeSecurityDescriptor

gdi32

DeleteDC
StretchDIBits
SetROP2
GetBkColor
CreateDIBSection
RealizePalette
LPtoDP
GetPixel
GetDIBits
SetBkColor
Rectangle
RestoreDC
CreateRectRgn
BitBlt
SetWindowExtEx
GetTextMetricsW

kernel32

EnterCriticalSection
GetTempPathA
HeapCreate
GetStringTypeA
GetEnvironmentVariableW
LeaveCriticalSection
FreeLibrary
GetCurrentThreadId
GlobalLock
FindNextFileA
GetThreadLocale
GetSystemDirectoryW
GetFileAttributesA
TlsSetValue
GetPrivateProfileStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentVariableA
GetDateFormatA
EnumSystemLocalesA
GetSystemInfo
GetACP
lstrcpyW
GlobalUnlock
CloseHandle
GetVersionExA
SetCurrentDirectoryA
GetComputerNameW
CreateProcessW
MultiByteToWideChar
DeleteCriticalSection
InterlockedExchange
MulDiv
GetStringTypeW
MoveFileW
LoadLibraryA
GetConsoleOutputCP
CreateProcessA
GetCurrentDirectoryA
GetModuleHandleW
CompareFileTime
ReleaseMutex
VirtualAlloc
HeapSize
SizeofResource
GetFileAttributesW
GetCurrentProcess
CreateFileMappingA
CreateEventA
GetSystemTimeAsFileTime
GlobalSize
CreateDirectoryW
SetThreadPriority
CreateFileA
lstrcmpA
SetEndOfFile

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8188cfe9a861aa6d59074186cc8024e2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 70KB - Virtual size: 263KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 70KB - Virtual size: 263KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB