bb9ba5d2bb2a116eea05f06d734a623f

Sharing

Copy URL

Twitter E-mail

General

Target

bb9ba5d2bb2a116eea05f06d734a623f
Size

74KB
MD5

bb9ba5d2bb2a116eea05f06d734a623f
SHA1

8ac9fb830da4d5aeff3194b55f2b7c0583803813
SHA256

b0d00f412fdea3ae7597cecc2aed7ff14faf274bfb6eb658e5d021333115e3e7
SHA512

d98f220f43d4a797dba7bb5db14ed615011677b7336654c03ad082e8b4ae91862a41a657c793d7198120f947c7375f68ea51191749451f3d5792be48fdf22c34
SSDEEP

1536:jTSlUypURoyWcpfabxqVdh7rBl3Q546XSu9G8GXGU+ut:jTSvpUR1WcpVdh3W46XSdGIt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb9ba5d2bb2a116eea05f06d734a623f

Files

bb9ba5d2bb2a116eea05f06d734a623f
.dll windows:4 windows x86 arch:x86

123a641610b0592357ea1965c83f98eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateProcessA
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetTickCount
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
LCMapStringA
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Process32First
Process32Next
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile

user32

CallNextHookEx
ClientToScreen
CreateWindowExA
DefWindowProcA
DestroyWindow
EnumThreadWindows
FindWindowA
GetAncestor
GetAsyncKeyState
GetClassNameA
GetClientRect
GetCursorPos
GetForegroundWindow
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
KillTimer
MessageBoxA
PostMessageA
RegisterClassExA
SetCursorPos
SetForegroundWindow
SetTimer
SetWindowsHookExA
ShowCursor
ShowWindow
UnhookWindowsHookEx
UpdateWindow
WindowFromPoint
wsprintfA

Exports

Exports

DirectInputCreateA
___CPPdebugHook

Sections

.text
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

123a641610b0592357ea1965c83f98eb

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 52KB

.data Size: 15KB - Virtual size: 32KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 52KB

.data
Size: 15KB - Virtual size: 32KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB