bb72f0f84bda972eec69c0c94a347dd7

General

Target

bb72f0f84bda972eec69c0c94a347dd7
Size

347KB
MD5

bb72f0f84bda972eec69c0c94a347dd7
SHA1

2fd14cbf70a39b24098c6fec33358fcfd0a6d21a
SHA256

8ffaa7c1385d45df2934ec310da7f71a2512b0fa796866baed1ce78ab5233b85
SHA512

7d92fcc2d3d9e203bd663275213b9b65ab1a406813aabf9c1f17160a9ba53d66eb613179b137b9ed3b1f2f7b7f457ab123bc93fb6edfc20f73ee2240c8174d25
SSDEEP

6144:UrJvqBcIH5XcisNB0JKAjPcaFKuxuGObkr8Tu9hHbfQ5:URqaIH5XGNWJKaPDKRGObk4Tu9Z45

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb72f0f84bda972eec69c0c94a347dd7

Files

bb72f0f84bda972eec69c0c94a347dd7
.exe windows:5 windows x86 arch:x86

72bb7edd8b8d57c3e166f1be3766f481

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

GetUserProfileDirectoryW

advapi32

OpenProcessToken
RegCloseKey
RegOpenKeyExW

psapi

GetProcessMemoryInfo

ole32

CoInitializeEx
CoTaskMemFree
StgCreateStorageEx
StgOpenStorageEx
CoCreateInstance
CoInitialize
CoUninitialize

kernel32

FindClose
UnhandledExceptionFilter
IsDebuggerPresent
ReleaseSemaphore
ResumeThread
LeaveCriticalSection
CloseHandle
FreeLibrary
GetFileSize
GetShortPathNameW
VirtualProtectEx
EnterCriticalSection
GetExitCodeThread
GetDriveTypeW
CreateThread
ReadProcessMemory
GetSystemTimeAsFileTime
WaitForSingleObject
FindFirstFileW
SetThreadPriority
SystemTimeToFileTime
OpenProcess
FindNextFileW
SetUnhandledExceptionFilter
CreateFileW
GetSystemTime
DeleteCriticalSection
GetCurrentThreadId
GetACP
CreateDirectoryW
CreateSemaphoreA
VirtualAllocEx

atmlib

ATMFinish
ATMGetNtmFields
ATMClient
ATMGetGlyphListA
ATMBeginFontChange
ATMGetPostScriptNameA
ATMEndFontChange
ATMEnumFonts
ATMGetBuildStrW
ATMEnumFontsA
ATMMakePFMA
ATMGetGlyphListW

kbdit

KbdLayerDescriptor

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72bb7edd8b8d57c3e166f1be3766f481

Headers

File Characteristics

Imports

userenv

advapi32

psapi

ole32

kernel32

atmlib

kbdit

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 323KB - Virtual size: 1.8MB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 323KB - Virtual size: 1.8MB

.rsrc
Size: 3KB - Virtual size: 2KB