bc316f3c58b71d45a56d109441113902

Sharing

Copy URL Twitter E-mail

General

Target

bc316f3c58b71d45a56d109441113902
Size

473KB
MD5

bc316f3c58b71d45a56d109441113902
SHA1

ed65b3aea94f03531d1ae24a933178b5ee45df73
SHA256

77c3e2667a34add0eda945099e1f314d274588525e9bfd31458103c416427e1f
SHA512

ad0b182afbcb0274da78dca6d3e06c5434601e0833cc1086b817f8ec8e1d4d33a1139682df4b9ed98e3eace436d60ebcf5734e4014951eb7c99a8bb2c6d5473a
SSDEEP

6144:Zi4tQfKix/Hhh/v7pRDrjXz1DVoFzrGlhmNLODEf:Z/QfJx/BhXtFZDV3gNaD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc316f3c58b71d45a56d109441113902

Files

bc316f3c58b71d45a56d109441113902
.exe windows:4 windows x86 arch:x86

759362195ce8fba3f74d3dd511f63a3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetLastError
LocalFree
lstrcpynA
LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
LocalReAlloc
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
FreeLibrary
GetProcessVersion
lstrcmpA
GlobalFlags
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentDirectoryA
GetFullPathNameA
SetFilePointer
ReadFile
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
GetProcAddress
DeleteCriticalSection
InitializeCriticalSection
WriteFile
FlushFileBuffers
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapAlloc
HeapFree
DeleteFileA
GetLastError
RaiseException
HeapSize
GetFileTime
GetSystemDirectoryA
GetTempPathA
GetModuleFileNameA
CreateThread
CopyFileA
WinExec
Sleep
OpenProcess
OpenFile
CreateProcessA
CreateFileA
GetSystemTime
SystemTimeToFileTime
SetFileTime
CloseHandle
lstrlenA

advapi32

CloseServiceHandle
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA

psapi

GetModuleFileNameExA
EnumProcessModules
EnumProcesses

comctl32

ord17

wininet

InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetGetConnectedState

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
UnhookWindowsHookEx
LoadStringA
GetTopWindow
GetMenuItemCount
GetCapture
ModifyMenuA

gdi32

GetStockObject
SelectObject
SaveDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
DeleteDC
RestoreDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

759362195ce8fba3f74d3dd511f63a3f

Headers

File Characteristics

Imports

kernel32

advapi32

psapi

comctl32

wininet

user32

gdi32

winspool.drv

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 125KB

.rsrc Size: 60KB - Virtual size: 58KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 125KB

.rsrc
Size: 60KB - Virtual size: 58KB