bbd2a9baeb13a43f13c00da467c4422f

General

Target

bbd2a9baeb13a43f13c00da467c4422f
Size

172KB
MD5

bbd2a9baeb13a43f13c00da467c4422f
SHA1

8cbc66992396c7f5a955a9a87285cce89ff53275
SHA256

d48ffb7c2986375868c1b792687388cb6b2b1b59e6912b275e1aeded5e618d24
SHA512

14a34cf87f13b82e646c3375680f1d2f8954e2d655c7dc48ac28195b9e054fc0876fe027ce3e90af206a5a5847c2605ace1fa98acdc3c2400963831d85b91e6e
SSDEEP

3072:/EV90Urd09kAYFeIocXtv1W+Z0Y17G4DrMh1U7lTHGcg7yir:A0C3Fetc9v1Wia4DrMPU75HDeyir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbd2a9baeb13a43f13c00da467c4422f

Files

bbd2a9baeb13a43f13c00da467c4422f
.exe windows:4 windows x86 arch:x86

2a05f94ff300c291da5e42b2252451a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
SizeofResource
LockResource
LoadResource
FindResourceA
CreateDirectoryA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GetLastError
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
RaiseException
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetEnvironmentStringsW

advapi32

RegCreateKeyExA
RegEnumValueA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA

shell32

ShellExecuteA

user32

GetDlgItem
SetFocus
SetDlgItemTextA
EndDialog
DialogBoxParamA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a05f94ff300c291da5e42b2252451a0

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

user32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 124KB - Virtual size: 123KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 124KB - Virtual size: 123KB