bcf12c9b118213af873b9b4a94e61160

Sharing

Copy URL Twitter E-mail

General

Target

bcf12c9b118213af873b9b4a94e61160
Size

2.2MB
MD5

bcf12c9b118213af873b9b4a94e61160
SHA1

524db0b0d1472317907bdf19f417f20c79636eea
SHA256

7f05b86a078df9aa87d3f08b4fc2ca98b4a03dc35f71438fd1414420259402e0
SHA512

dc9bcb3a070f1c45749b6b1d0efd9c63799f85fb98d02f29213a2b22a2e26a87a0cc100c061e17b8657b5aaed128087cc7a08087dd65105a73e9196e4c366c8a
SSDEEP

49152:syKaLrEpZ7z0t8wyiQqGs2DELaXN28dQRI9Ed3KcByn85W:s7x0U2fOXNBdPM3KCyn85W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1252/SleepD+7TR-LNG.exe

Files

bcf12c9b118213af873b9b4a94e61160
.rar
1252/Club-3t.ru клуб единомышленников.url
1252/SleepD+7TR-LNG - I.N.F.O.txt
1252/SleepD+7TR-LNG.exe
.exe windows:4 windows x86 arch:x86

328fce136e9281ab8a20e18d3967c309

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrMove

kernel32

WaitForSingleObject
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

winmm

waveOutUnprepareHeader

user32

MessageBoxA

Exports

Exports

`�=["��[�}�m�6��6l��Ch�g�Ӫ��ŧ;�*��}��55�� ?W��^{K��J!��=��5��?T��`�cm�rTa��]��y��T�Q�:W(&`Ǜ��O�=��&�h��`�=U`��X�lB"��;��U?�O�6 �Pr} P{� a�*�G��6{��C��!�'7�{˳�W��*��Cr��|��zC%�yȕ�e�Vx��XWP$Ȱ77��7�� Β�SͳG��)и��_ H��M��?��"W4f�8��I�Ǌv}��vmںaaNpn��~�f��g��X�� ؋� C�!'K�ꗗӼ�z|��@�ۗ'��W7�'#��]�s��A9��X��u��:.�N2��9��y��G�Xb?S� Co�1w3qrÁr2p5-�o �b��3"H�j#6��푆�ក��9��0��rJ�5� ��ss�#\03w�<��`��_ոh�ʇN��@Q��ֳ��#��{�>� ��i63N^�I��XnEB!�]��LÐpC�Z��,5�a��]+N�T[ �V�WO�쾌ّ��[-��W\>ʛ<b��]��}d6��>�Z��u&{��r]-��MF.i��8�� `G|)��CN�i��4�Đ2�κk�{X��XlQ��q��<��N�e��uZ�w�\��U�� F��#{D��LdѺ'PCl ��Q�`��(Yi�� rS>w*�#��闟$��sUx��x��o��M+׌l,M=�� Z��{V�4�K J08�`�E��l�$�3� �s�Y��i�9�ҟ��/C3��57��ޥ��X��8��m5�dH"�Ei��D�0m�/��Z>1?�[Ԕ,D;u5�k1T��C��!�F�wI17z�#�բ�K��0_1��N��}�WJ��#Xs�n�."G�t_r�1�� r�[��yZ��l�H�.�іȿ�-q�vJ��> �#T��M6[i�g�W �DLw�\Jl�Ţ�l� �7V��N ry��k8p8��#�U˼�Ri��X0��#��_�sPB(��)�Y瑶�=�@�� y3�=��ۦT�8c�=<:�n3�y� ��\lY�Z<�ȹ��>��7c434g7;kz:��HI�O�&ٕ�D��@�Z�V��C�W5S�-է��'�o��>cGC�k��9s0i�c��_}��<�;�15n%Ր0;'ԄK��&�Ӑr��aJ1��:о �P��1�H��2�$�9r��A��Xn�.*�݀�@��.��][�%⢖8��y�� K�4�/Ԟ�pQ��Y��*��JzH�� 1�mxŅj0F�^3^D��8�0��(�A[�Ƞ�~��,��,�<��R��A�j )uS�}��[� ��V�&��@�|.6<<t%�Y�6��w�5C�SF��(�%@_BĂ��;]��-��ǻw��FqG�|��ܾ��z�� SF��9qd��Yu1�2D�"�a`#�׫��A��4N�1<�媰��+��F2"<��gu��p��d��2tQ��YK0 �zX\�P�o8r?8�@_ň��o4�w(2mL�[�� 4X�/Q�,Ie�?L;z�JIs"��4��tI2��SV� p��:`8�jR�� ]��6��f�x^�@G��9�4��b�#8V�S�+%�* �I��Y��(�$�'��(}Fnws��&�#(��0��'��FҸ��KIס��@�܋1�聛��<pw�Vw~�>��*� ��,0�d��2`�I�V�X!�Obu�sc�[3\��\�0��ÏdK��$j��ل��E�=_9<E�@�;;ne��F��+�K�f��}�hf��ίF��W��M;*��7L~��솫�^*�s�Ý4&�n�Yvd��G]S|�X��0��t ��+��R�3�� U>� vL9��,��ά#IA�=�v�� JG�s|��Eę�Z~Je�xI۬��馸lё��ф݉Wg/'��r��<��e�� 5�u�i�Z��)ܽ��6��?��ؾ#�m� �x�\"'��;�*{��e��%� E^+}I��Z�C��O2[�1S�O� <�,�t�50ǭ��sl��A��S8�0� >UA �ĭg"��|_��jP�\��1�V"S�? �w��*�x9e��j��W��3��mm�j|LD��D�1Y��f��h��@��nE��>C��zǧ�G��O��96ub��2��-�v�6��}D��u,r��y�]OS�1QmҲ��`�|�PD+��W� K��X�%��E�۠�&(��'�p��G�5�d��۰hy1��1U��-h��wad{�jR�-9+��E�A�T��fNn-蹲|+_#��π�}�'i7f�V[f��i=T��C<=;p�~Һ��q�wc��%��`��b�=��ءA�^ӞB�4ň��'�s��7��$��~�fū�s3��FIw`�r�s�tu�=)� -�I��P��C-��Cg��t��.NG{P��o�u�,(�>*Խ��[?,��U��<T�r<5��p��Hr�l7�� P��}\/ D��M-v��z��3jF�nhXt�nLi� �L߲J^|i��O��D�u��P}v?�0-�P��E��u��<|�+#VDT�E��O�N��lU^��c�;G��r��i�G��F�i,X�>��f�Y>��n��DY�`��t��3oA��)� �wM1��a�?��sw�$_��::�G��b��1`H��S�F��J�-��Ǡ

Sections

.text
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 942KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VCrypt0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VCrypt1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1252/VERY IMPORTANT!.txt

Sharing

General

Malware Config

Signatures

Files

328fce136e9281ab8a20e18d3967c309

Headers

File Characteristics

Imports

msvbvm60

kernel32

winmm

user32

Exports

Exports

Sections

.text Size: - Virtual size: 3.6MB

.data Size: - Virtual size: 84KB

.rsrc Size: 21KB - Virtual size: 942KB

.VCrypt0 Size: - Virtual size: 1.8MB

.tls Size: 512B - Virtual size: 24B

.VCrypt1 Size: 2.2MB - Virtual size: 2.2MB

.text
Size: - Virtual size: 3.6MB

.data
Size: - Virtual size: 84KB

.rsrc
Size: 21KB - Virtual size: 942KB

.VCrypt0
Size: - Virtual size: 1.8MB

.tls
Size: 512B - Virtual size: 24B

.VCrypt1
Size: 2.2MB - Virtual size: 2.2MB