bb6017c36d2abcca1439d3e51ad63cc8

Sharing

Copy URL Twitter E-mail

General

Target

bb6017c36d2abcca1439d3e51ad63cc8
Size

147KB
MD5

bb6017c36d2abcca1439d3e51ad63cc8
SHA1

b6b3848c878e991c025a482bb3c42ca0e926c5c2
SHA256

9799dabe2c63b43f55aa6e5c90357260890f96e9de8aacf7c38ca93bff011357
SHA512

f9c7614411d59c85201250fedd77f672edb83e960e19747d998cb2e0b1ee92ffffa593e1f30d1d47474e9bdb4b290a61d2ac274810d12ea1e29887f80fa7f1a9
SSDEEP

3072:hh6PQObNifeeDFbQHEcXjuI8yDK84lODjY1wqWt:jYQWk6iwTX2wqWt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb6017c36d2abcca1439d3e51ad63cc8

Files

bb6017c36d2abcca1439d3e51ad63cc8
.exe windows:4 windows x86 arch:x86

584122f6dd45aae985c3d9f74e2108f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegDeleteKeyA
RegCreateKeyExW
RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegLoadKeyW
RegDeleteKeyW
RegFlushKey
RegLoadKeyA
RegCreateKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegCreateKeyExA
RegReplaceKeyW
RegEnumKeyW
RegQueryInfoKeyA
RegReplaceKeyA
RegOpenKeyA
RegGetKeySecurity
RegQueryValueW
RegEnumKeyExA
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyW
RegQueryValueA
RegDeleteValueA
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueA
RegEnumValueW
RegQueryInfoKeyA
RegLoadKeyA
RegCreateKeyExW
RegDeleteKeyW
RegEnumValueA
RegQueryValueExA
RegLoadKeyW
RegOpenKeyW
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegFlushKey
RegQueryValueA
RegReplaceKeyA
RegReplaceKeyW
RegGetKeySecurity
RegOpenKeyA
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
RegEnumKeyA
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyA
RegDeleteValueW

user32

LoadMenuA
DialogBoxParamA
DrawIconEx
IsMenu
DialogBoxParamW
DrawIcon
CloseWindow
GetWindowTextLengthA
CalcMenuBar
AppendMenuW
CopyIcon
EndDialog
CopyRect
GetFocus
GetMenu
DrawTextW
AlignRects
LoadCursorA
GetCursor
CopyImage
AppendMenuA
CreateIcon
InsertMenuA
IsWindow
GetWindowTextA
DrawTextA
BlockInput
GetDC
GetDlgItem

kernel32

CloseHandle
lstrcmpiA
CloseHandle
GetFileSize
CloseHandle
GetCPInfo
CloseHandle
GetCommandLineA
CloseHandle
GetModuleFileNameA
CloseHandle
GetStringTypeA
CloseHandle
lstrcatA
CloseHandle
HeapFree
CloseHandle
GetLastError

Sections

.t4xt
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e9a8a
Size: 10KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.id75a
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

584122f6dd45aae985c3d9f74e2108f4

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.t4xt Size: 22KB - Virtual size: 22KB

.rdata Size: 101KB - Virtual size: 101KB

.e9a8a Size: 10KB - Virtual size: 86KB

.id75a Size: 9KB - Virtual size: 8KB

.t4xt
Size: 22KB - Virtual size: 22KB

.rdata
Size: 101KB - Virtual size: 101KB

.e9a8a
Size: 10KB - Virtual size: 86KB

.id75a
Size: 9KB - Virtual size: 8KB