bbbbf5ae8d82d5c529dc3d8e4d7787c1

Sharing

Copy URL Twitter E-mail

General

Target

bbbbf5ae8d82d5c529dc3d8e4d7787c1
Size

515KB
MD5

bbbbf5ae8d82d5c529dc3d8e4d7787c1
SHA1

e731dcd589bcf6b93f1ab75f37ad95237894aa08
SHA256

1e0d3b7cb370f78d22847aae98972a2107df559e1df2eaac2a9e00e98e3a40f6
SHA512

e352e109cb0f19621055823c0ad1dcc435aac0fc62a1bb139fd096ab99657afb26727e95dfbb370ec905488e21ab7a5cc19f8b6f037163bdd1b388bd1d134152
SSDEEP

12288:2I5DCeL1QzuTAhfiP1qJTHs33+rJ8EB3Y3l5c3Iih:ZNCeKgAhfiP1qq33+F8EFY3l50I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbbbf5ae8d82d5c529dc3d8e4d7787c1

Files

bbbbf5ae8d82d5c529dc3d8e4d7787c1
.dll windows:5 windows x86 arch:x86

ad4c085ac1155d612b85a77d302a9639

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleCP
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetSystemMetrics

gdi32

SelectObject

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shlwapi

PathFindFileNameA

oleaut32

VariantClear

netapi32

Netbios

ws2_32

WSARecv

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asdw1
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.asdw0
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.asdw2
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.asdw3
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad4c085ac1155d612b85a77d302a9639

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

netapi32

ws2_32

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 23KB

.asdw1 Size: 11KB - Virtual size: 11KB

.asdw0 Size: 29KB - Virtual size: 28KB

.asdw2 Size: 182KB - Virtual size: 181KB

.asdw3 Size: 68KB - Virtual size: 67KB

.reloc Size: 12KB - Virtual size: 12KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 23KB

.asdw1
Size: 11KB - Virtual size: 11KB

.asdw0
Size: 29KB - Virtual size: 28KB

.asdw2
Size: 182KB - Virtual size: 181KB

.asdw3
Size: 68KB - Virtual size: 67KB

.reloc
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 11KB - Virtual size: 11KB