bb3dbd521a7ba8f9dd2d82e8299ab398 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb3dbd521a7ba8f9dd2d82e8299ab398
Size

134KB
MD5

bb3dbd521a7ba8f9dd2d82e8299ab398
SHA1

9c2ec1561ea13d53807926a52d2d9af1932ad607
SHA256

73ecb74b228f305e753b1daeaaa97bdc1b46592f2529cfa53a5e2917180f6ca1
SHA512

dae2cd01842a04a05ba0e1fcd54558169c5b6bf24552083ce99204ab191b15d7eee8cb892789fd546f3b046112d20e86261ca44e4bcfd534a3c3a84537178cc7
SSDEEP

3072:sg9QnwG95AFNeukNJM56/UNxeGc9tAHjPElaZP1YPZUPmu:sIQnUNeuts/UfI9tABP2P5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb3dbd521a7ba8f9dd2d82e8299ab398

Files

bb3dbd521a7ba8f9dd2d82e8299ab398
.exe windows:5 windows x86 arch:x86

70357c6a6f03b178b3d46fb1cd5cb740

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\zdxgharo\fQEoylo\qrlYro.pdb

Imports

user32

InvertRect
GetMenuDefaultItem
wsprintfW
CharToOemW
RemovePropA
DeleteMenu
ShowWindowAsync
DrawIcon
GetClassInfoW
MapWindowPoints
DestroyCaret
OemToCharA

kernel32

IsBadCodePtr
VerifyVersionInfoW
lstrlenW
GetSystemDefaultLangID
SetEndOfFile
WaitCommEvent
CreateDirectoryA
HeapSize
CancelWaitableTimer
UnmapViewOfFile
DefineDosDeviceW
LeaveCriticalSection

shlwapi

StrCatBuffW

gdi32

CreateBitmapIndirect
CreatePen
GetBitmapBits
SetAbortProc
StretchDIBits
AddFontResourceW
GetTextCharsetInfo

Exports

Exports

?cfcnuiialBnrZfKbleHKwz@@YGJGE@Z
?KgeXbjmqhBqeniplz@@YGPAHMD@Z

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ