bb6e4b357c4fe550b426cd3d384d5936

Sharing

Copy URL Twitter E-mail

General

Target

bb6e4b357c4fe550b426cd3d384d5936
Size

48KB
MD5

bb6e4b357c4fe550b426cd3d384d5936
SHA1

4e0e3b9b55c483781e61f9303450159925c417d7
SHA256

312d5f570104c37c131cdd26bc27f7ef667434a473f3e188f98a4492f268fbc5
SHA512

53154367c4a8a9177ce70600ba108876fb8f8d0ab20e39ed65b8cb6dfbf87f703465afc4ec066b31dae35b7dbe9cf8ba548faf5839d698d5c3d72ace45370027
SSDEEP

768:VZQ9YUySKEujEh3jY8w4ZgXM5a+/F/qTAqbnw8DAAhrav8nC57h/jWsi0CBuH1fa:GVy5PjGw4x/wAA8h7tZru

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb6e4b357c4fe550b426cd3d384d5936

Files

bb6e4b357c4fe550b426cd3d384d5936
.exe windows:4 windows x86 arch:x86

252deea0c6a926a68859c84453bd60cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHOpenRegStream2W
SHOpenRegStream2A
SHIsLowMemoryMachine
SHGetValueW
SHGetValueA
SHGetThreadRef
SHGetInverseCMAP
SHEnumValueW
SHEnumValueA
SHEnumKeyExW
SHEnumKeyExA
SHDeleteValueW
SHDeleteValueA
SHDeleteKeyW
SHDeleteKeyA
SHDeleteEmptyKeyW
SHDeleteEmptyKeyA
ord16
SHCreateStreamOnFileW
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
SHAutoComplete
PathUnquoteSpacesW
PathUnquoteSpacesA
PathUnmakeSystemFolderW
PathUnmakeSystemFolderA
PathUndecorateW
PathUndecorateA
PathUnExpandEnvStringsW
PathUnExpandEnvStringsA
PathStripToRootW
PathStripToRootA
PathStripPathW
PathStripPathA
PathSkipRootW
PathSkipRootA
PathSetDlgItemPathW
PathSetDlgItemPathA
PathSearchAndQualifyW
PathSearchAndQualifyA
PathRenameExtensionW
PathRenameExtensionA
PathRemoveFileSpecW
PathRemoveFileSpecA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveBackslashA
PathRemoveArgsW
PathRemoveArgsA
PathRelativePathToW
PathRelativePathToA
PathQuoteSpacesW
PathQuoteSpacesA
PathParseIconLocationW
PathParseIconLocationA
PathMatchSpecW
PathMatchSpecA
PathMakeSystemFolderW
PathMakeSystemFolderA
PathMakePrettyW
PathMakePrettyA
PathIsURLW
PathIsURLA
PathIsUNCW
PathIsUNCServerW
PathIsUNCServerShareW
SHOpenRegStreamA
PathIsUNCServerA
PathIsUNCA
PathIsSystemFolderW
PathIsSystemFolderA
PathIsSameRootW
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsRelativeW
PathIsRelativeA
PathIsPrefixW
PathIsPrefixA
PathIsNetworkPathW
PathIsNetworkPathA
PathIsLFNFileSpecW
PathIsLFNFileSpecA
PathIsFileSpecW
PathIsFileSpecA
PathIsDirectoryW
PathIsDirectoryEmptyW
PathIsDirectoryEmptyA
PathIsDirectoryA
PathIsContentTypeW
PathIsContentTypeA
PathGetDriveNumberW
PathGetDriveNumberA
PathGetCharTypeW
PathGetCharTypeA
PathGetArgsW
PathGetArgsA
PathFindSuffixArrayW
PathFindSuffixArrayA
PathFindOnPathW
PathFindOnPathA
PathFindNextComponentW
PathFindNextComponentA
PathFindFileNameW
PathFindFileNameA
PathFindExtensionW
PathFindExtensionA
PathFileExistsW
PathFileExistsA
PathCreateFromUrlW
PathCreateFromUrlA
PathCompactPathW
PathCompactPathExW
PathCompactPathExA
PathCompactPathA
PathCommonPrefixW
PathCommonPrefixA
PathCombineW
PathCombineA
PathCanonicalizeW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAppendA
PathAddExtensionW
PathAddExtensionA
PathAddBackslashW
PathAddBackslashA
IntlStrEqWorkerW
IntlStrEqWorkerA
HashData
GetMenuPosFromID
ColorRGBToHLS
ColorHLSToRGB
ColorAdjustLuma
ChrCmpIW
ChrCmpIA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueA
SHRegDeleteUSValueW
SHRegDuplicateHKey
SHRegEnumUSKeyA
SHRegEnumUSKeyW
SHRegEnumUSValueA
SHRegEnumUSValueW
SHRegGetBoolUSValueA
SHRegGetBoolUSValueW
SHRegGetPathA
SHRegGetPathW
SHRegGetUSValueA
SHRegGetUSValueW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegQueryUSValueW
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
SHRegSetUSValueW
SHRegWriteUSValueA
SHRegWriteUSValueW
SHSetThreadRef
SHSetValueA
SHSetValueW
SHStrDupA
SHSkipJunction
PathIsUNCServerShareA
SHStrDupW

kernel32

LocalSize
FindResourceW
FindResourceExA
HeapFree
GetProcessHeap
HeapAlloc
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateMailslotA
CreateMailslotW
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ContinueDebugEvent
ConvertDefaultLocale
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
GetFileTime

ole32

OleRun

user32

ChildWindowFromPointEx
ChildWindowFromPoint
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharUpperA
CharToOemW
CharToOemBuffW
CharToOemBuffA
CharToOemA
CharPrevW
CharPrevExA
CharPrevA
CharNextW
CharNextExA
CharNextA
CharLowerW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
ChangeClipboardChain
ReleaseDC

advapi32

RegLoadKeyA

msvcrt

malloc
memset
free

winmm

mmioOpenA

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

252deea0c6a926a68859c84453bd60cf

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

user32

advapi32

msvcrt

winmm

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 106KB

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 106KB

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 1KB - Virtual size: 1KB