bb3e654d0f4b69d19fdb0a3468757883

Sharing

Copy URL Twitter E-mail

General

Target

bb3e654d0f4b69d19fdb0a3468757883
Size

419KB
MD5

bb3e654d0f4b69d19fdb0a3468757883
SHA1

7efbf8746b720a14311cb6cee8f8db258aa9a902
SHA256

b7faabb48ea25bd6ba89a34be60c6e985e7ba7f49de00dc92600cbd919606543
SHA512

8c0ee89632c6135a5feb15c79a0728cea135e442cd455bc8b395bdf1cdef57e3192302816d9bae9099e67c1467f68592b0b55608c604c214a2eeda1413482c16
SSDEEP

6144:CiFwRJH91o8tw2BbfeKxY+oGzKVq4eqAjki+heA1kLvrVdLybr269Wt3TTbPX1ZD:CieDxWKPKVMwi+Y4lL4tD/PX1USBfT5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb3e654d0f4b69d19fdb0a3468757883

Files

bb3e654d0f4b69d19fdb0a3468757883
.exe windows:4 windows x86 arch:x86

8d42b57d65d222f9e906156f083debbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCharacterPlacementW
CreateColorSpaceA
GetMiterLimit
GdiPlayScript
SetMiterLimit
GetEnhMetaFileW
EnumFontFamiliesExA
EndDoc
GetMetaFileBitsEx
SetAbortProc
RemoveFontResourceW
RectVisible
OffsetRgn
ExtTextOutW
GetLayout
CreateSolidBrush
GetTextColor
ColorMatchToTarget
PolyPolygon
SetDIBitsToDevice
SetPolyFillMode
MaskBlt

kernel32

GetTimeZoneInformation
GetLocaleInfoW
GetProcAddress
CompareStringA
GetUserDefaultLCID
GetVersionExA
GetModuleFileNameA
FreeEnvironmentStringsA
SetFileAttributesA
GetEnvironmentStrings
InterlockedExchange
HeapCreate
SetLastError
GetCurrentThread
GetLocaleInfoA
LCMapStringW
WideCharToMultiByte
GetStdHandle
FreeEnvironmentStringsW
HeapDestroy
VirtualQuery
GetTimeFormatA
UnhandledExceptionFilter
IsValidLocale
GetACP
RtlUnwind
GetCommandLineA
InitializeCriticalSection
LoadLibraryA
GetFileType
EnumSystemLocalesA
GetNumberFormatW
HeapReAlloc
SetEnvironmentVariableA
GetTickCount
GetStringTypeA
HeapSize
GetCurrentProcessId
VirtualProtect
GetDateFormatA
GetCurrentProcess
SetHandleCount
GetModuleHandleA
TlsGetValue
GetCurrentThreadId
GetOEMCP
DeleteCriticalSection
IsBadWritePtr
QueryPerformanceCounter
WriteFile
TerminateProcess
TlsFree
GetSystemInfo
TlsAlloc
VirtualAlloc
GetStringTypeW
GetEnvironmentStringsW
TlsSetValue
ExitProcess
EnterCriticalSection
HeapAlloc
LeaveCriticalSection
CompareStringW
GetLastError
GetSystemTimeAsFileTime
IsValidCodePage
GetStartupInfoA
MultiByteToWideChar
GetCPInfo
HeapFree
CloseHandle
LCMapStringA
VirtualFree

shell32

SHGetFileInfoA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d42b57d65d222f9e906156f083debbc

Headers

File Characteristics

Imports

gdi32

kernel32

shell32

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 7KB - Virtual size: 38KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 7KB - Virtual size: 38KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 7KB - Virtual size: 7KB