bbdaa2420aad5036d3e1be980085c379

Sharing

Copy URL Twitter E-mail

General

Target

bbdaa2420aad5036d3e1be980085c379
Size

323KB
MD5

bbdaa2420aad5036d3e1be980085c379
SHA1

cfe112537a33512a667f74b30702ed9d6b6d8e0a
SHA256

e2b65fae81a0286291301951748e173e263a20705c674bf0ede4bbb300bca2b0
SHA512

88986809cd3b4d3675f2f72c097b36323912675f5f4f1ea6b59dcffc5dc2ba40e4d501bdc14692159abfdbe690002d7df985b6ebf8727372548ebce27817100d
SSDEEP

6144:1xUKLVQrxsx5lNaIOiD4glnDuVyjAH2rBtH3fypbxnkXr6s9cD:1qKxQrE5XaIl4glnD3jHVtPKbxe3g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbdaa2420aad5036d3e1be980085c379

Files

bbdaa2420aad5036d3e1be980085c379
.exe windows:4 windows x86 arch:x86

ab2703d4647170ff7b5a4f05d59a1015

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageW
EnumWindowStationsA
ScreenToClient
CreateWindowExW
GetWindowLongW
CharNextW
GetParent
SetTimer
GetClientRect
KillTimer
LoadImageW
DestroyWindow
TranslateAcceleratorW
GetDlgItem
SetWindowLongW
SetDlgItemTextW
MoveWindow
SetFocus
InvalidateRect
CallWindowProcW

kernel32

OutputDebugStringA
GetModuleFileNameW
GlobalUnlock
DeleteCriticalSection
LCMapStringW
UnmapViewOfFile
GetComputerNameExW
GetConsoleCP
LCMapStringA
EnumUILanguagesW
MultiByteToWideChar
GetLocaleInfoA
FlushFileBuffers
lstrcmpiW
InterlockedIncrement
LocalFree
GetThreadPriorityBoost
MapViewOfFile
GetLastError
GetLocaleInfoW
FindResourceW
UnhandledExceptionFilter
GlobalAlloc
GetCurrentThreadId
GetACP
GetConsoleOutputCP
GetStringTypeW
InitializeCriticalSection
GetCurrentProcess
LockResource
WriteFile
FlushInstructionCache
SetStdHandle
LoadLibraryW
CreateFileMappingW
WriteConsoleA
FreeLibrary
ExitProcess
GetVersionExW
GetModuleHandleW
InterlockedDecrement
LoadLibraryExA
SearchPathW
InterlockedExchange
LoadResource
WriteConsoleW
MulDiv
LeaveCriticalSection
WideCharToMultiByte
GlobalFree
LoadLibraryExW
GlobalLock
InitializeCriticalSectionAndSpinCount
CreateFileA
GetSystemDefaultUILanguage
Sleep
SetUnhandledExceptionFilter
GetCPInfo
CreateFileW
SizeofResource
SetFilePointer
GetConsoleMode
GetStringTypeA
FindResourceExW
GetProcAddress
RaiseException
lstrlenW
FormatMessageW
EnterCriticalSection
GetOEMCP
SetLastError
lstrcmpW
HeapAlloc

msimg32

TransparentBlt

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab2703d4647170ff7b5a4f05d59a1015

Headers

File Characteristics

Imports

user32

kernel32

msimg32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 128KB - Virtual size: 128KB

.edata Size: 5KB - Virtual size: 76KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 128KB - Virtual size: 128KB

.edata
Size: 5KB - Virtual size: 76KB