bbec7366ef45faa56b52447bc4bbea01 | Triage

Sharing

General

Target

bbec7366ef45faa56b52447bc4bbea01
Size

80KB
MD5

bbec7366ef45faa56b52447bc4bbea01
SHA1

4f45e8ec0414e758b4b1f88d1cd0654cb7b845bb
SHA256

95719a0570ca4049946f3580e0bb9b7828739cc075f34ac60870bd3825fec61a
SHA512

fd87aa0335cc07f65b60577ba964d2e09394499ea9e721f40e0f1c48110fffc1bde02769e7d6095453ea0be1608a6ec6b1bc730f621d588c3e7100d941fbbd1b
SSDEEP

1536:P/EMUzaGzQxGLvxO9GZtMw3Vt/Bvs+RJJQQr8U8CfIxkZGzh5lJ91rxW5QjY5iRu:P/EMUzhzQgxHtMyGXWj1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbec7366ef45faa56b52447bc4bbea01

Files

bbec7366ef45faa56b52447bc4bbea01
.exe windows:4 windows x86 arch:x86

4df02e5989f2f0dbf38a9061d8cc3949

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
FindNextChangeNotification
LoadLibraryA
GetFileAttributesExW
WriteFile
WritePrivateProfileStringW
DeleteFileW
FindClose
GlobalAlloc
SetFilePointer
GlobalUnlock
VirtualAlloc
VirtualFree
DuplicateHandle
GetFileAttributesW
GlobalFree
MulDiv
GetProcAddress
GetCurrentThread
QueryDosDeviceW
ResetEvent
GetDriveTypeW
LockResource
FindFirstFileW
LoadLibraryW
GetFileSize
GlobalLock
SetEndOfFile
SetEvent
GetSystemTime

user32

SystemParametersInfoW
MessageBoxW
PostMessageW
PostQuitMessage
SetDlgItemTextW
DefWindowProcW
OffsetRect
SetCursor
LoadCursorW
SendDlgItemMessageW
IsDlgButtonChecked
RegisterHotKey
InvalidateRect
PostThreadMessageW
LoadImageW
GetWindowRect
ReleaseDC
EnableWindow
TrackPopupMenu
LoadStringW

gdi32

SetBkMode
CreateDCW
CreateFontIndirectW
BitBlt
GetMapMode
CreateBitmap
SetMapMode

advapi32

InitializeSecurityDescriptor
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW

Sections

.dfcvt
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lpute
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.judk
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE