bb93e225fe37cbfd48466fa9e45e796f

Sharing

Copy URL Twitter E-mail

General

Target

bb93e225fe37cbfd48466fa9e45e796f
Size

420KB
MD5

bb93e225fe37cbfd48466fa9e45e796f
SHA1

b53d01cd3e391931143d56b2727fd58ee321e241
SHA256

669562024974c636135aeb4244eaa25f2cc00a6b2e9e8d3aba5bdaebbaecf3c1
SHA512

f7bb92034e21091e0eca060b66df329108e8468a94a1bdd68843cb51b27983ec348fe7d0adf129bc42b18b54bba06658b7a97001a8d809668d7a7139fe8c3026
SSDEEP

6144:OiSCxLnbslktA5VkNfPPe1UHM6yOP1p2mSuaJ2JAsTKofuJFqs:OiNRnbslkMVkxPe1UHM6yiCmSu7KEPs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb93e225fe37cbfd48466fa9e45e796f

Files

bb93e225fe37cbfd48466fa9e45e796f
.exe windows:4 windows x86 arch:x86

d4d82167fc3db42c239c04b8f499da83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ukuayxefe\meqcbo\qpie.pdb

Imports

kernel32

DeleteCriticalSection
HeapDestroy
LocalUnlock
GetSystemTime
SetFilePointer
EnumCalendarInfoExA
FreeResource
GetCommandLineW
GetSystemTimeAsFileTime
GetStartupInfoA
HeapReAlloc
FoldStringA
GetVersionExA
LCMapStringA
MapViewOfFile
CompareStringA
GetFileType
SetVolumeLabelW
GetCommandLineA
InitializeCriticalSection
SetConsoleTitleA
SetFileTime
GetTimeFormatA
IsValidLocale
MoveFileA
GetModuleFileNameA
GetProfileSectionW
ExitProcess
CloseHandle
HeapAlloc
SetEnvironmentVariableA
GetModuleHandleA
GetProcAddress
VirtualProtect
LoadResource
HeapFree
GetCurrentProcessId
WideCharToMultiByte
lstrcpyW
GetFileAttributesExW
OpenFileMappingA
RtlUnwind
IsBadWritePtr
GetLocaleInfoA
GetCurrentThread
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetDiskFreeSpaceA
IsValidCodePage
VirtualQueryEx
GetTimeZoneInformation
GetProcessShutdownParameters
GetStringTypeW
FileTimeToLocalFileTime
GetCurrentProcess
GetACP
GetCPInfo
EnumTimeFormatsA
LocalCompact
SetConsoleScreenBufferSize
Sleep
TlsAlloc
ExpandEnvironmentStringsA
WriteConsoleOutputCharacterW
CreateDirectoryA
CreatePipe
GetStringTypeA
EnumSystemLocalesA
VirtualAlloc
ResetEvent
GetModuleFileNameW
GlobalCompact
GetLastError
GetProcessAffinityMask
WritePrivateProfileSectionW
EnumDateFormatsW
LeaveCriticalSection
CreateMutexA
FlushFileBuffers
GetUserDefaultLCID
QueryPerformanceCounter
SetConsoleWindowInfo
GetEnvironmentStringsW
TerminateProcess
FindFirstFileW
GetLocaleInfoW
GetSystemInfo
GetTickCount
GetStdHandle
VirtualQuery
OpenSemaphoreW
DeleteAtom
GetThreadPriority
GetCompressedFileSizeA
WriteProfileStringW
InterlockedExchange
GetStartupInfoW
HeapSize
CompareStringW
GetEnvironmentVariableA
GetEnvironmentStringsA
ReadConsoleOutputA
VirtualFree
MoveFileExW
VirtualLock
MultiByteToWideChar
WriteFile
GlobalAddAtomW
DebugActiveProcess
WaitForDebugEvent
HeapCreate
GetCompressedFileSizeW
SetHandleCount
OpenMutexA
TlsSetValue
SetConsoleCursorPosition
GetDateFormatA
FindFirstFileExW
TlsFree
OpenSemaphoreA
CreateDirectoryExW
DebugBreak
LoadLibraryW
UnhandledExceptionFilter
LoadLibraryA
GetTempFileNameW
ReadFile
OpenFile
SetStdHandle
ReleaseSemaphore
SetConsoleCtrlHandler
GetThreadLocale
TerminateThread
GetCurrentThreadId
LCMapStringW
PulseEvent
EnterCriticalSection
SetLastError
RaiseException
GetStringTypeExA
GetEnvironmentStrings
TlsGetValue
GetOEMCP
FindResourceExA

comctl32

ImageList_DragEnter
ImageList_GetImageCount
InitMUILanguage
ImageList_GetImageInfo
ImageList_DragMove
ImageList_BeginDrag
InitCommonControlsEx
ImageList_SetBkColor
ImageList_EndDrag
DrawInsert
CreateStatusWindowW

user32

RegisterClassA
SetDeskWallpaper
GetCaretPos
DrawTextA
OpenWindowStationA
GetOpenClipboardWindow
CreateWindowExA
DrawFocusRect
ReplyMessage
GetCapture
DrawTextExA
VkKeyScanA
UnloadKeyboardLayout
SetCaretPos
CallMsgFilterW
SendMessageA
ShowWindow
DdeQueryNextServer
CharNextA
EnumDisplaySettingsExW
GetDialogBaseUnits
GetDesktopWindow
TranslateAccelerator
SendMessageTimeoutW
DefWindowProcA
PostThreadMessageA
GetWindowTextLengthA
IsDlgButtonChecked
DdeAbandonTransaction
DestroyWindow
GrayStringA
CharNextW
VkKeyScanExA
GetMenuContextHelpId
MessageBoxW
LoadIconA
CallWindowProcW
wsprintfW
DrawEdge
TrackPopupMenu
DrawFrame
CopyAcceleratorTableW
EnumClipboardFormats
DlgDirSelectExA
SetDlgItemTextW
DdeCreateStringHandleA
RegisterClassExA
SendMessageW
OpenDesktopA
CopyRect
BeginPaint
InflateRect
CreateWindowStationA
GetInputState
SendDlgItemMessageW
LoadKeyboardLayoutA
InsertMenuItemA
GetWindow
CopyIcon
BringWindowToTop
EndPaint
LookupIconIdFromDirectoryEx
EnumDisplayDevicesW
UnregisterDeviceNotification
CreateWindowExW

gdi32

DeviceCapabilitiesExW
SetWindowOrgEx
ExtSelectClipRgn
FillPath
StrokeAndFillPath
ColorCorrectPalette
CreateDIBitmap
GetTextMetricsA
StartDocW
InvertRgn
PlayEnhMetaFileRecord
CopyEnhMetaFileA
ResizePalette
EqualRgn
BitBlt
SetViewportOrgEx

shell32

DoEnvironmentSubstA

advapi32

RegDeleteKeyA
CryptAcquireContextA
RegEnumKeyA
LookupPrivilegeNameW
RegCreateKeyW
DuplicateToken
CryptSignHashA
LookupAccountNameW
ReportEventW
LookupSecurityDescriptorPartsA
CryptCreateHash
RegOpenKeyExA
RegEnumKeyExW
ReportEventA
RegOpenKeyW
CryptGetProvParam
CryptSetProviderA
LookupAccountNameA
CryptDuplicateHash

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4d82167fc3db42c239c04b8f499da83

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

gdi32

shell32

advapi32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 148KB - Virtual size: 145KB

.data Size: 96KB - Virtual size: 105KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 148KB - Virtual size: 145KB

.data
Size: 96KB - Virtual size: 105KB

.rsrc
Size: 16KB - Virtual size: 15KB