bb6171c2f2ae384938786c7776b23de4

Sharing

Copy URL Twitter E-mail

General

Target

bb6171c2f2ae384938786c7776b23de4
Size

45KB
MD5

bb6171c2f2ae384938786c7776b23de4
SHA1

197edee2d7c63c79f32170e891825a8cb585d7d5
SHA256

0441265e8fc033218a22980b99d204a378b27ab36d49df45021d607e45bb5f5f
SHA512

f911e0a6026b4323056d86ab4e018e97d1c8ff4f20cbebf2cf3d01a10dedd7afdf2a8ad8429ce6b1b35a0e143b6045fd879e456c87e6126c0a5484ea0e27b378
SSDEEP

768:V94SZwVu1u827SCfqN19OBeDXhwoSP2iboSmm6GA9QEM7xSzmVxbHSNuDBca:V9RZI982WtvO6hw/P3oSXfvdSzmVJHS0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb6171c2f2ae384938786c7776b23de4

Files

bb6171c2f2ae384938786c7776b23de4
.exe windows:4 windows x86 arch:x86

d778d0032fe31eeb8c64dedfcc568906

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommTimeouts
SetLastConsoleEventActive
FindVolumeClose
CallNamedPipeW
ReadConsoleInputExA
FindVolumeMountPointClose
GetLastError
WaitForDebugEvent
VirtualProtect
CreateFiber
DuplicateConsoleHandle
GetNamedPipeHandleStateA
CreateDirectoryA
SetTapeParameters
GetVersionExA
GetLocaleInfoW
GetConsoleCommandHistoryA
CreateWaitableTimerW
GetEnvironmentVariableW
OpenFileMappingW
CommConfigDialogW
GetProcessWorkingSetSize
VerifyVersionInfoW
BeginUpdateResourceW
BackupSeek

user32

IMPQueryIMEA
GetMessageTime
DrawEdge
CharPrevW
GetClipboardOwner
IsWindowEnabled
QuerySendMessage
LoadIconW
GetWindowModuleFileNameA
MsgWaitForMultipleObjectsEx
TabbedTextOutW
IsCharUpperA
IsWindowUnicode
IsDlgButtonChecked
EnumDisplayMonitors
FindWindowW
DestroyMenu
CharNextA
SendMessageCallbackW
ChangeMenuW
GetOpenClipboardWindow
OpenDesktopW
ShowWindow

gdi32

EngAssociateSurface
PolyTextOutA
SetDIBitsToDevice
Chord
GetBkColor
DeleteEnhMetaFile
CreateDIBPatternBrush
FONTOBJ_pvTrueTypeFontFile
Pie
GdiFlush
GetTextExtentExPointA
DPtoLP
CloseMetaFile
GetWindowExtEx
RestoreDC
RemoveFontResourceExW
SetLayoutWidth
GetRgnBox
GetSystemPaletteUse
STROBJ_bEnumPositionsOnly
GetColorAdjustment
GetStringBitmapA
EudcLoadLinkW
GdiEntry2
GetKerningPairsW
EndPath
GdiConvertBrush
GdiAddGlsRecord

comdlg32

LoadAlterBitmap
dwOKSubclass
dwLBSubclass
GetOpenFileNameW
PrintDlgExW
PrintDlgW
GetFileTitleW
GetSaveFileNameA
GetSaveFileNameW
WantArrows
ChooseFontW
PageSetupDlgA
PrintDlgExA
Ssync_ANSI_UNICODE_Struct_For_WOW
GetOpenFileNameA

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d778d0032fe31eeb8c64dedfcc568906

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 3KB - Virtual size: 4KB