bb38cad193524048f6c38842ea3e48f0

General

Target

bb38cad193524048f6c38842ea3e48f0
Size

432KB
MD5

bb38cad193524048f6c38842ea3e48f0
SHA1

dd9cf4e00bb99ede737cc9473cd1bfa73ea09a26
SHA256

8cffb77c128685070ea19b51e90a01de5d9dabd512563b5d5e207124705f7193
SHA512

25b7e005e46faa57f1c7a44801fb6cc13ba1f2e88bbf145cc92d5f0e553b457b2353f13d133b109cac3e9d6103b3ce060fa4ad5845bbb456fa2d91468386b3d7
SSDEEP

12288:zYGr+i1J5EQVIzvHkkJbj0/kfeTJAiY/uacBC7Dy:CYTqxKTJAr21CH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb38cad193524048f6c38842ea3e48f0

Files

bb38cad193524048f6c38842ea3e48f0
.exe windows:4 windows x86 arch:x86

4dd57040f09cfb2e34b21f8a943e916c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetStringTypeA
GetTimeFormatA
LCMapStringW
GetProcAddress
GetTimeZoneInformation
HeapReAlloc
MultiByteToWideChar
CreateEventW
GetLastError
GetCurrentProcessId
SetEnvironmentVariableA
IsDebuggerPresent
FreeEnvironmentStringsW
SetHandleCount
TlsSetValue
GetUserDefaultLCID
WriteProfileStringA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
TlsAlloc
lstrcpynA
GetOEMCP
HeapDestroy
FindAtomW
GetEnvironmentStringsW
SetConsoleCursorPosition
EnterCriticalSection
ExitProcess
GetTickCount
lstrcatW
SetConsoleCtrlHandler
HeapFree
CompareStringA
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryA
QueryPerformanceCounter
lstrlenW
VirtualAlloc
WriteProfileSectionA
SetConsoleTitleA
TlsFree
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
WriteFile
CompareStringW
FreeLibrary
GetCurrentThread
IsValidCodePage
Sleep
GetStringTypeW
ExitThread
GetSystemTimeAsFileTime
DeleteCriticalSection
EnumResourceNamesW
RemoveDirectoryW
EnumSystemLocalesA
GetACP
CreateProcessW
LCMapStringA
HeapSize
WideCharToMultiByte
DeleteFiber
GetCommandLineW
IsValidLocale
SetLastError
GetStdHandle
LeaveCriticalSection
GetDateFormatA
TlsGetValue
InterlockedExchange
GetLocaleInfoA
VirtualFree
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
OpenFileMappingA
FileTimeToSystemTime
HeapCreate
GetStartupInfoW
HeapAlloc
InterlockedIncrement
GetPrivateProfileSectionNamesA
EnumTimeFormatsA
GetStartupInfoA
VirtualQuery
GetModuleHandleA
InterlockedDecrement
GetFileType
GetModuleHandleW
RtlUnwind

user32

GetDoubleClickTime
WINNLSEnableIME

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dd57040f09cfb2e34b21f8a943e916c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 135KB - Virtual size: 135KB

.data Size: 280KB - Virtual size: 306KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 135KB - Virtual size: 135KB

.data
Size: 280KB - Virtual size: 306KB

.rsrc
Size: 15KB - Virtual size: 15KB