bb5441af1e1741fca600e9c433cb1550

Sharing

Copy URL Twitter E-mail

General

Target

bb5441af1e1741fca600e9c433cb1550
Size

628KB
MD5

bb5441af1e1741fca600e9c433cb1550
SHA1

60d5dbddae21ecb4cfb601a2586dae776ca973ef
SHA256

69beb78c8b8de1a86677e27c531c92cb5ca70807d2755b94f70a75887fbc90cf
SHA512

3300344ea300a7d005b404e2cab3f480de630df123cb2c994e56a38ec9726ac1bcfb12a98fa22bef5d2b74092c81651bbee4659c8e9f7e6f61c7b0826b2ac012
SSDEEP

6144:cbDGluUNKp0af7G/YF94KzCHsgaJP8r1fwk8lH65HIAUY32s38hDoLCsGyRwFU12:2GjNSsG4awoJP+v26bV2s3hLRwFn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb5441af1e1741fca600e9c433cb1550

Files

bb5441af1e1741fca600e9c433cb1550
.dll windows:4 windows x86 arch:x86

3aeffff1a896499847d0e973226a7948

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameW
GetCurrentThreadId
GetLastError
WideCharToMultiByte
MultiByteToWideChar
SetEnvironmentVariableW
SetLastError
InterlockedDecrement
InterlockedIncrement
SetEvent
GetCurrentProcessId
ResetEvent
CreateEventW
OpenEventW
SuspendThread
ResumeThread
TerminateThread
OpenThread
GetExitCodeThread
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetVersionExA
Sleep
OpenMutexW
CloseHandle
CreateMutexA
CreateMutexW
ReleaseMutex
IsBadReadPtr
GetSystemDirectoryW
lstrcpynW
GetModuleFileNameW
ExitThread
ProcessIdToSessionId
CreateFileMappingW
lstrcpynA
GetVersion
HeapAlloc
lstrcatW
HeapFree
GetProcessHeap
SetErrorMode
GetSystemTimeAsFileTime
SetFileTime
WriteFile
ReadFile
CreateFileW
GetFullPathNameW
FlushFileBuffers
GetFileSize
FileTimeToLocalFileTime
GetFileInformationByHandle
FindFirstFileW
FindClose
SetFilePointer
SetFileAttributesW
SetEndOfFile
LocalFileTimeToFileTime
GetFileTime
LocalFree
GetSystemTime
SystemTimeToFileTime
GetTickCount
GetFileAttributesW
LoadLibraryW
GetVolumeInformationW
TerminateProcess
DeleteFileW
CreateProcessW
CopyFileW
GetLongPathNameW
RemoveDirectoryW
GetExitCodeProcess
MoveFileExW
VirtualAllocEx
SearchPathW
OpenProcess
GetModuleHandleA
GetTempFileNameW
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
DuplicateHandle
UnmapViewOfFile
FreeLibrary
lstrlenA
IsBadStringPtrA
lstrcmpiA
VirtualQueryEx
VirtualFreeEx
ReadProcessMemory
VirtualProtectEx
GetThreadContext
SetThreadContext
QueueUserAPC
WaitForMultipleObjectsEx
MapViewOfFile
OpenFileMappingW
FindNextFileW
Thread32First
Thread32Next
CreateToolhelp32Snapshot
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
GetCommandLineA
CreateThread
GetCurrentThread
HeapSize
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
SetConsoleCtrlHandler
InitializeCriticalSection
RtlUnwind
GetLocaleInfoA
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

DisableTBS
EnableTBS
UpdateTBSList

Sections

.text
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aeffff1a896499847d0e973226a7948

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 432KB - Virtual size: 431KB

.rdata Size: 128KB - Virtual size: 124KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 432KB - Virtual size: 431KB

.rdata
Size: 128KB - Virtual size: 124KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 36KB - Virtual size: 35KB