bbb1e3293e5c52905ced0f924e1bc787

Sharing

Copy URL Twitter E-mail

General

Target

bbb1e3293e5c52905ced0f924e1bc787
Size

596KB
MD5

bbb1e3293e5c52905ced0f924e1bc787
SHA1

7a58e9c02cb1b93ba43edc00e6534923981c4a35
SHA256

fecd5856a7d8f432c1f5e32ac8133674adbd615c06253cca503779cb90e667e5
SHA512

dc706d60502ba34f64388045e3b45bd9da3bae3b6c787e2ffce01ea6fe67019844d8539afbab80021073f50943a0c3da9bd91f54f4cf03f05615c94a5fc721d7
SSDEEP

12288:wff+WOtnoFKamp9yYgEST6z2Qq2dSIjpGx35hzxmh2cplA+7Jqx1:wffytRfa30vNGx35hzxGHVA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbb1e3293e5c52905ced0f924e1bc787

Files

bbb1e3293e5c52905ced0f924e1bc787
.exe windows:4 windows x86 arch:x86

57fdcc7ea4750946adad37e242531b2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DuplicateIcon
SHAddToRecentDocs
ShellExecuteW

user32

LoadKeyboardLayoutA
SetWindowTextA
MonitorFromRect
GetWindowTextLengthA
InsertMenuItemA
LoadCursorFromFileA
ShowWindowAsync
SetMenuContextHelpId
SendMessageW
CreateCursor
GetNextDlgTabItem
CreateDesktopW
EndMenu
LoadIconW
DestroyWindow
GetDlgItemTextW
GetClassLongA
LoadMenuW
RegisterClassA
LookupIconIdFromDirectory
CloseWindow
RegisterClassExA
GetDesktopWindow
ActivateKeyboardLayout

wininet

HttpSendRequestW
LoadUrlCacheContent
SetUrlCacheHeaderData
RetrieveUrlCacheEntryFileW
GopherGetAttributeA
SetUrlCacheEntryGroup
FtpFindFirstFileA

comdlg32

GetOpenFileNameW
FindTextW
ReplaceTextA

kernel32

WriteFile
VirtualAlloc
DeleteCriticalSection
SetStdHandle
GetNumberFormatW
GetDateFormatA
CreateMutexA
GetLocaleInfoA
GetEnvironmentStringsW
HeapDestroy
GetTimeFormatA
GetStartupInfoA
HeapSize
GetCurrentThread
WriteConsoleW
UnhandledExceptionFilter
GetModuleHandleW
VirtualFree
IsValidLocale
WriteConsoleA
GetCurrentProcess
VirtualQuery
GetCommandLineA
TlsAlloc
LeaveCriticalSection
GetOEMCP
InitializeCriticalSectionAndSpinCount
HeapFree
IsValidCodePage
CreateFileA
InterlockedExchange
FlushFileBuffers
EnterCriticalSection
QueryPerformanceCounter
SetLastError
CompareStringA
HeapAlloc
CloseHandle
TlsGetValue
GetProcAddress
GetModuleFileNameA
DeleteAtom
GetConsoleMode
SetEvent
FreeLibrary
MultiByteToWideChar
GetLocaleInfoW
Sleep
SetConsoleCtrlHandler
GetStringTypeW
GetEnvironmentStrings
GetCurrentThreadId
LCMapStringA
HeapReAlloc
InterlockedDecrement
HeapCreate
GetUserDefaultLCID
GetTickCount
GetLastError
GetSystemTimeAsFileTime
RtlUnwind
GetACP
GetCPInfo
TlsFree
LCMapStringW
SetEnvironmentVariableA
EnumSystemLocalesA
SetFilePointer
WideCharToMultiByte
GetFileType
ExitProcess
OpenMutexA
GetConsoleOutputCP
SetHandleCount
ReadFile
FreeEnvironmentStringsW
GetStringTypeA
GetConsoleCP
GetStdHandle
GetModuleHandleA
LoadLibraryA
CompareStringW
TlsSetValue
GetCurrentProcessId
InterlockedIncrement
GetTimeZoneInformation
IsDebuggerPresent
FreeEnvironmentStringsA
TerminateProcess
SetUnhandledExceptionFilter

comctl32

InitCommonControlsEx

Sections

.text
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57fdcc7ea4750946adad37e242531b2c

Headers

File Characteristics

Imports

shell32

user32

wininet

comdlg32

kernel32

comctl32

Sections

.text Size: 257KB - Virtual size: 257KB

.rdata Size: 10KB - Virtual size: 28KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 257KB - Virtual size: 257KB

.rdata
Size: 10KB - Virtual size: 28KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 9KB - Virtual size: 9KB