bbcdc69caef2290ab710aa7f8dfe0af8

General

Target

bbcdc69caef2290ab710aa7f8dfe0af8
Size

46KB
MD5

bbcdc69caef2290ab710aa7f8dfe0af8
SHA1

60166784b338d7472faf1537b7ec95fc75873aed
SHA256

0475dc73f2183711e241add3f910b3285619b750563ebe6a7a59be7727a1b8f9
SHA512

f94bdc06e13edf3e2751fce89897218dd4a1567dc8d6d2bca02d35d6ddf7acb516c585ac64f88c855e0c290009ad0cf7a34dd627b1a0e7ca8943e9976894a01d
SSDEEP

768:UOt5Sxj0r9uXQSxhvmhyOEVsxaPkkKiZ2VpcLe7BhisWhNOiVlBE9hcHiMkmLK18:Tj9uX7xhvmOVsAPZKi3sAPNOklqUPkm0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbcdc69caef2290ab710aa7f8dfe0af8

Files

bbcdc69caef2290ab710aa7f8dfe0af8
.exe windows:5 windows x86 arch:x86

0b209fcff36d8428cc2dbbf63b6079b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetFileTime
lstrcpyW
lstrlenA
lstrcmpiA
FindResourceW
GetModuleHandleA
GetLastError
ExpandEnvironmentStringsW
SetFileTime
SetEndOfFile
GetUserDefaultUILanguage
SetLastError
lstrcpyA
WideCharToMultiByte
GetCurrentProcessId
SetFileAttributesW
GetCommandLineA
HeapAlloc
EnterCriticalSection
FindFirstFileW
GetFileSizeEx
MapViewOfFile
HeapFree
GetModuleFileNameW
lstrcpynW
FlushFileBuffers
SetFilePointer
GetTickCount
GetFileSize
CreateThread
DeleteFileW
GetThreadPriority
FindClose
GetLogicalDrives
GetDriveTypeW
GetTimeZoneInformation
HeapReAlloc
IsBadReadPtr
GetTempPathW
GetProcessTimes
GetSystemTime
lstrcmpiW
DisconnectNamedPipe
GetTempFileNameW
GlobalUnlock
InitializeCriticalSection
MultiByteToWideChar
GetLocalTime
ResetEvent
GlobalLock
CreateEventW
GetExitCodeProcess
GetVersionExW
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateMutexW
lstrlenW
CreateFileMappingW
GetComputerNameW
CreateFileW
WriteProcessMemory
Sleep
lstrcatW
WriteFile
MoveFileExW
GetProcessHeap
OpenProcess
UnmapViewOfFile
lstrcatA
CreateProcessW
SetEvent
CreateDirectoryW
CloseHandle
OpenMutexW
ReleaseMutex
WaitForSingleObject
SetThreadPriority
ReadFile
LeaveCriticalSection
GetCurrentThreadId
CopyFileW
FindNextFileW

user32

LoadCursorW
GetDlgItemTextW
CharLowerBuffA
SetThreadDesktop
OpenWindowStationA
GetDlgItem
ToUnicode
MsgWaitForMultipleObjects

Sections

.wvql
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ovit
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zudqp
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b209fcff36d8428cc2dbbf63b6079b5

Headers

File Characteristics

Imports

kernel32

user32

Sections

.wvql Size: 36KB - Virtual size: 56KB

.ovit Size: 1KB - Virtual size: 4KB

.zudqp Size: 7KB - Virtual size: 76KB

.wvql
Size: 36KB - Virtual size: 56KB

.ovit
Size: 1KB - Virtual size: 4KB

.zudqp
Size: 7KB - Virtual size: 76KB