bb3059ae51cf54eeec44cf54974584b5

General

Target

bb3059ae51cf54eeec44cf54974584b5
Size

184KB
MD5

bb3059ae51cf54eeec44cf54974584b5
SHA1

5c1316862a1bf0ee38f595932119e6d9946a3699
SHA256

360330320db5f0bafd033f9708504b13b64a09554b0c4112bbe8aa9e6dbdb6a7
SHA512

f3bead507c01778c32adf4b3d14f4196dc79b14a5c41b694b9109c3b9e521abe6e93ea85642d7f83e7a55fc22102cab4f27040d9808ac9bd6bc9a068bd0b9e57
SSDEEP

3072:/I6tOpkKL4vakpozMLQR3nlwUt5J5rlNn5+u3HICZolr8iTCBy02HDwxhPDjPgI0:/jtikKL4vHpozyMXlwUt9lNcu3oCZolL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb3059ae51cf54eeec44cf54974584b5

Files

bb3059ae51cf54eeec44cf54974584b5
.exe windows:4 windows x86 arch:x86

e225945de7c678aa5e8c616e8a1c8806

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoCreateGuid

shlwapi

SHGetValueA
SHEnumValueA
SHEnumKeyExA
StrStrIA
SHSetValueA

advapi32

RegCloseKey
DeleteService
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
OpenSCManagerA

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

user32

wsprintfA

msvcrt

ispunct
isxdigit
strerror
printf
strlen
isupper
??2@YAPAXI@Z
tolower
free
fclose
fwrite
fopen
sprintf
strcat
strcpy
strncpy
rand
wcscpy
mbstowcs
srand
time
atoi
memcmp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
isalpha
__mb_cur_max
wctomb
islower
isalnum
malloc
isgraph
memcpy
memset
isspace

imagehlp

ImageNtHeader

kernel32

GetFileAttributesA
FindFirstFileA
SetFileTime
GetFileAttributesExA
GetModuleHandleA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
SleepEx
GetLocalTime
GetVersionExA
lstrlenA
GetSystemDirectoryA
CreateFileA
CloseHandle
GetLastError
GetStartupInfoA
ExitProcess

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e225945de7c678aa5e8c616e8a1c8806

Headers

File Characteristics

Imports

ole32

shlwapi

advapi32

rpcrt4

shell32

user32

msvcrt

imagehlp

kernel32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 108KB - Virtual size: 104KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 108KB - Virtual size: 104KB