bb584f11af97a9dde6e032b8d6be4429

Sharing

Copy URL Twitter E-mail

General

Target

bb584f11af97a9dde6e032b8d6be4429
Size

104KB
MD5

bb584f11af97a9dde6e032b8d6be4429
SHA1

f00d0e323f5a902901d62d34c1a2fd922a5e133e
SHA256

181a763386c0bab497f618643fafe5634f35f8ec57221b216f76e9faa960a87f
SHA512

1bdb57af0cfa9bcd2dc13f71a3c3f57d38e024ec8ab973031845a7d9c6b5001591aee2754650278fec58db556d4d2c5534b4bed4a313d1cea08f39ccdc8532b3
SSDEEP

1536:/B2DNvjrN2QNMH4kb7j2ni3ODXgRaSFohN2bZDEwH:cRjrN/NMYWGni3ODh4J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb584f11af97a9dde6e032b8d6be4429

Files

bb584f11af97a9dde6e032b8d6be4429
.exe windows:4 windows x86 arch:x86

286fe401daf3e8efbecb248414ecb118

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GlobalFree
CreateProcessA
CreateDirectoryA
Sleep
GetComputerNameA
CreateThread
GetCommandLineA
GetLastError
DeleteFileA

advapi32

RegEnumValueW
RegLoadKeyA
RegEnumKeyExW
RegQueryValueW
RegFlushKey
RegOpenKeyA
RegQueryInfoKeyA
RegGetKeySecurity
RegDeleteValueA
RegQueryValueExA
RegCreateKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegQueryValueA
RegOpenKeyW
RegCreateKeyExA
RegReplaceKeyW
RegOpenKeyExW
RegEnumValueA

gdi32

CloseFigure
RestoreDC
AddFontResourceExW
AddFontResourceTracking
ClearBitmapAttributes
CopyMetaFileA
GetPixel
BeginPath
GetDCOrgEx
ExtTextOutA
CancelDC
ClearBrushAttributes
BitBlt
GetPixel
GetBrushOrgEx
DeleteDC
GetBitmapBits
GetCurrentPositionEx
CloseMetaFile
CopyMetaFileA
CloseFigure
AddFontResourceTracking
AddFontResourceA
SetTextColor
DeleteDC
GetClipBox
GetPixel
ExcludeClipRect
AddFontMemResourceEx
GetPixel
GetBitmapBits
AddFontResourceExW
CancelDC
ClearBitmapAttributes
BitBlt
RestoreDC

comctl32

ImageList_ReplaceIcon
ImageList_DragShowNolock
ImageList_AddMasked
ImageList_DrawIndirect
ImageList_DragLeave
ImageList_Replace
InitCommonControls
ImageList_Merge
ImageList_LoadImageW
ImageList_DrawEx
ImageList_Copy
ImageList_Create
ImageList_DrawEx
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_LoadImageW
ImageList_GetIconSize
InitCommonControls
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_AddIcon
ImageList_Read
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_DrawIndirect
ImageList_Merge

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

286fe401daf3e8efbecb248414ecb118

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

comctl32

Sections

.text Size: 8KB - Virtual size: 6KB

.data Size: 72KB - Virtual size: 69KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 7KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 53KB

.text
Size: 8KB - Virtual size: 6KB

.data
Size: 72KB - Virtual size: 69KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 7KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 53KB