bcebcbb071dab71b07880d8de734ccb5

General

Target

bcebcbb071dab71b07880d8de734ccb5
Size

25KB
MD5

bcebcbb071dab71b07880d8de734ccb5
SHA1

7b5bfcb66e0c169e171702988b2455d48fb037af
SHA256

b1dd5928aecd8a23dcc602403f15bcc5c357931c7b393b415d094464ad3e81b7
SHA512

dd444db11479127e1820585793c95aa06dc2332c59982728a935ab8f94702b0bca8e0eab807de7b21772663de354381d73948d50e6ef677d3bb386c911fd9e21
SSDEEP

384:ZctiSjcAXa/1jt9DyPEjO7hQ/b+8xNuP9B38Y7IpVmq19j2RBJykuJoU:miSjLK/1tyhQzhK78Y7I9jWbGmU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcebcbb071dab71b07880d8de734ccb5

Files

bcebcbb071dab71b07880d8de734ccb5
.dll windows:4 windows x86 arch:x86

2dc5b7989c1650a864a12ea5530dfd18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
CreateMutexA
GetCurrentProcessId
ExitProcess
ResumeThread
WriteProcessMemory
VirtualProtectEx
OpenProcess
GetModuleFileNameA
ReadProcessMemory
GetPrivateProfileStringA
DeleteFileA
ReadFile
GetTempPathA
VirtualAlloc
GlobalFree
WideCharToMultiByte
GetTickCount
RaiseException
GetLocalTime
GetCurrentThreadId
InitializeCriticalSection
VirtualProtect
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
IsBadReadPtr
TerminateThread
CreateThread
CreateFileA
WriteFile
CloseHandle
Sleep
GetCurrentProcess
TerminateProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CallNextHookEx
GetWindowTextA
GetWindowThreadProcessId

imagehlp

ImageLoad
ImageUnload

msvcrt

_strcmpi
_strupr
_strlwr
_stricmp
wcslen
atol
srand
strcpy
sprintf
strlen
memcpy
??2@YAPAXI@Z
strrchr
memset
strcat
strncpy
strstr
strcmp
__CxxFrameHandler
rand

Exports

Exports

bbb
kingsoft

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2dc5b7989c1650a864a12ea5530dfd18

Headers

File Characteristics

Imports

kernel32

user32

imagehlp

msvcrt

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 14KB

sdt Size: 512B - Virtual size: 140B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 14KB

sdt
Size: 512B - Virtual size: 140B

.reloc
Size: 3KB - Virtual size: 2KB